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Introduction: State of networking 


for the digital age 


Section summary 


ave Key takeaways 


Trends such as globalization, digital transformation, business automation and resilience, and 
sustainability are shaping the requirements for a new kind of network. 


The evolving technology landscape—emerging cloud-native models, Internet of Things, artificial 
intelligence (Al), mobile, cybersecurity threats, and immersive applications—are dramatically 
impacting IT networking architectures and operations. 


The sheer scale, complexity, and dynamic nature of these demands are exceeding the capacity of 
human operators alone. 


New networks are using emerging technologies such as Al, machine learning, and automation to 
simplify and secure operations, enable rapid adaptability, and augment human decision making. 


Global business and technology trends shaping the new network 
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Essential guidance 


IT leaders and network strategists 
should drive a step-by-step approach to 
evolving each of their network domains 
to a controller-based model, building on 
automation and Al technologies. 


IT leaders should build a business and 
technology plan that aligns to business 
priorities and spans architecture, technology, 
Operations, and talent. 


Network strategists and network practitioners 
should identify career and learning pathways 
that will give them the skill sets needed 

to lead this network transformation and 
enhance their value. 


Introduction 


(=) Top prediction 


“By 2025, leading-edge networking teams 
will have intent-based networks operating 
across domains—campus, branch, WAN, data 
center, cloud, service provider, and security. 
Their networks will be able to comprehend 
business and application requirements 

and translate them to network and security 
policies. Agility will be dramatically improved 
through the network’s intelligent automation, 
and networks will operate with a powerful 
feedback loop that provides continuous 
monitoring, assurance, and optimization. 
The intent-based network will ensure that 
business services are continuously delivered 
and protected across the network. These 
advances will lead to significant benefits for 
organizations and also for society at large.” 


— John Apostolopoulos, CTO for enterprise 
networking, Cisco 


Introduction: State of 
networking for the digital age 


In a series of memos written in 1962, J.C.R. Licklider, a director at the U.S. 
Department of Defense Advanced Research Projects Agency, proposed an 
“intergalactic computer network” in which computers around the world would be 


interconnected to provide quick access to data and programs from anywhere.°® 


Only a few years later, in 1965, Leonard Kleinrock, Lawrence Roberts, and Thomas 
Merrill used telephone lines to connect four computers together, effectively creating 


the first wide area network as well as the beginnings of the Internet.® 


More than 50 years later, Licklider’s original vision remains the same, as the 
network continues to connect global consumers of information 


and services to applications and data sources. 


Everything else, of course, has changed. 
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The evolving role of 
the IT network 


Today’s world, driven by the exponential growth 
in technology performance, has become 
increasingly connected, digitized, distributed, 
and diverse. With every “thing” possessing the 
power to process data, compute models are 
poised to become dramatically more distributed 
and networked. And as devices and users 

are added to it, the value and importance of 


the network as measured by Metcalfe’s law 
continues to grow exponentially. 


Digital business continues to fuel networked 
innovations. IDC estimates there will be 48.9 
billion connected devices in use around the 
world by 2023,’ and the 2078 Cisco Complete 
VNI Forecast predicts that the average amount of 
data consumed across a network will be almost 
60 GB per personal computer per month.’ 
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Its not surprising that, given this relentless networks and embrace a future powered by 
growth, we find that IT teams are reaching a technologies that can solve these challenges in 
point where the sheer scale and complexity of vastly new ways. 


networks is exceeding their ability to manage and 
secure them effectively. What’s needed now are 
new systems that combine technologies such 


Before we examine the emerging network 
technology, operations, and talent trends that 
form the basis for this new network, let’s briefly 


as machine learning, machine reasoning, and 
consider the global business and technology 


automation to simplify operations and augment mnie l 
human decision making. trends driving its evolution. 
We are now on the threshold of a new era 
of networking, when IT can break with the 


traditional ways of building and operating 


Figure 1 Global business and technology trends shaping the new network 
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Global trends shaping “ge. 
network demands i ? Globalization 

O, C 
A number of global and business trends are ii 
shaping the role that the network plays in an According to the World Economic Forum, we 
organization. Understanding these trends can are now entering a new, digital-driven era of 
help IT leaders better prepare themselves for the globalization referred to as “Globalization 4.0.” In 
increasing expectations that business leaders this era, digital goods and services, enabled by 
are assigning to the network. digital capabilities and artificial intelligence, are 


the leading exports.’ 


Network impact 


As the connections between systems, 
people, processes, locations, and devices 
get more distributed and complex, the 
economic value of the network to the 
organization will increase, while securing 
and managing the network will become 
more strategic and more difficult. 


According to Gartner, 
o by 2023, over 60% of be 
60% enterprises will deem Digital business 
EEE 


networking as core to 
their digital strategies, 
up from less than More and more businesses are using digital 


20% today deeming technologies such as analytics, mobility, 
networking asa cloud solutions, and the Internet of Things 


strategic enabler.® 


transformation 


(IoT) as the foundation for transforming their 


business. According to the IMD and Cisco 
Digital Vortex 2019 report, 88% of executives 


A brief look at some of these global mega believe that digital disruption will have a major 
trends reveals the demands they will likely or transformative impact on their industries, 
place on the network. compared with only 27% in 2015.19 
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of technologies, systems, processes, supply 
Network impact chains, and infrastructure. Effective business 


: n ; resili i 
The inherent unpredictability of business esilience requires continuously and proactively 


requires a network that can quickly assessing operational risks, establishing and 


adjust to evolving requirements to enable auditing contingency plans, and administering 


; incident response training. 
new services, processes, and models. 


Network impact 


An agile, resilient, and secure 


Business automation network architecture is paramount for 
safeguarding employees, customers, 


and partners and is vital to recovering 
— , ae data and quickly reestablishing services 
he use of automation and robotics in the coming q 3 g 

and access. 

years will continue to surge as companies look to 

improve quality, workforce productivity, customer 


satisfaction, and more. Capgemini Research 


Institute predicts that wide-scale adoption of 
automation could result in up to $471 billion in Sustainability 
cost savings by 2022 across the automotive, 


retail, utilities, and manufacturing sectors." 


As our world grows more interconnected, 

organizations are being challenged to grow in 
Network impact environmental sustainability. In addition to the 
Because automation of processes is standard metrics, organizations will be judged 
time sensitive and mission critical, the on how well they reduce greenhouse gas 
network needs to ensure that packets emissions, preserve biodiversity and natural 
are delivered reliably and on time. resources, and design products to minimize or 


recycle waste. 


Business and Network impact 


operational Advanced networks offer the promise of 


resilience greater efficiencies in virtually all aspects 


a S of the business, from energy consumption 
Because of globalization and digital ae i 
, for to resource usage to emissions reduction. 
transformation, today’s organizations are 


dependent on an increasingly complex web 


ajaj 
cisco 


Introduction 


tt 


| 2020 Global Networking Trends Report 


Apps and data are leaving the premises: 


Technology 
trends driving 
network evolution 


Right now a number of emerging trends 
are dramatically changing the IT landscape. 
A closer look at some of these key trends 
reveals the impact they might have on the 
enterprise network. 
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The evolving 
application landscape 


Applications and data, of course, are at 
the heart of digital business, and how 
applications are developed, hosted, and 
consumed is constantly changing to meet 
new business needs. 


Here are some of the ways that applications 
are evolving, and in some ways, reshaping 
the network: 


Applications and data are being modularized 
into microservices and moved to multiple public 
clouds. In some cases, they are also being 
distributed to the network edge. And they are 
increasingly being consumed from multiple 
software-as-a-service (SaaS) providers. 


Apps are modular and distributed across 
environments: Monolithic applications are 
in many cases dissolving into interconnected 
microservices that are delivered via a variety 
of virtual and physical workloads, including 
containers, across the entire enterprise. 


According to the 
Uptime Institute, half 
of all workloads will 
be run outside the 
enterprise data center 
by 2021, either in 
cloud and data center 
infrastructures or at 
the network edge.? 


Apps are being built continuously and 
For applications developed and hosted 


rapidly: 
on-premises, IT has to accelerate its own 
infrastructure service creation and delivery to 
meet the needs of applications and users, all 
while containing operational costs. 


Apps are migrating from physical to virtual to 
containers to serverless: The rise of containers 
is exposing application design and deployment 
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paradigms to a much more massive disruption, 


namely serverless architectures, which is forcing 


organizations to reexamine how applications are 


built, the role of infrastructure, and the design of 


operational processes. 


lol 


~ 


20% 


It is estimated that by 
2021, installed and in- 
use container instances 
will exceed 3.5 billion, 
with over 20% of them 
running in distributed 
locations serving edge 
and loT workloads.’ 


The exploding use of loT devices, apps, and 


accompanying data is driving the creation of 


new distributed compute models that consist 


of exponentially greater levels of scale and 


complexity. According to the Cisco “VNI Forecast 


Highlights Tool,” machine-to-machine (M2M) 


devices will account for 51% (14.6 billion) of all 


networked devices around the world by 2022.1? 


Introduction 


Network impact 


With applications and microservices popping 
up across all domains, the network should be 
seen more as a growing set of interconnected 
“nerve clusters” situated where the data Is, 
which could be anywhere along the edge- 
cloud continuum. The new network needs to be 
able to securely connect within and between 
these interconnected “nerve clusters” as well 
as to fundamentally understand how these new 
application models work and to dynamically 
extend application policies across the network 
to wherever the applications are hosted. 


Network impact 


In addition to providing connectivity and 
security for an incredibly diverse range of 
loT devices, network administrators will 
need to devise scalable and efficient ways 
of automatically identifying, classifying, 
and applying policies and monitoring them 
to ensure proper functionality without 


impacting or compromising other services 
running on the network. 
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Network impact 


To unlock the full potential of Al in 
business, more computational processing 
and decision making have to be done 


closer to the edge. Depending on 
Al performance, capacity, privacy, and even 


cost considerations, the placement of Al 


The emergence of Al-powered apps for both processing and data will range from the 


business and consumer use is leading to a 
cloud to on-premises data centers to the 


whole new world of connected, intelligent, and edge of the network. 


automated devices that are being deployed 


everywhere. 


Network impact 


Employees accessing cloud applications 
from corporate and private devices when 
off network is creating a lack of visibility 


and control that network and security 
Mobility administrators haven’t faced. And a wave of 
loT devices will add to wireless networking 


According to the Cisco “VNI Forecast Highlights 


28 requirements in terms of scale, different 
Tool,” global business mobile data traffic will 


traffic patterns, and security. 
grow sixfold from 2017 to 2022 at an annual 


growth rate of 42%.'2 Business mobile users 


will continue to expect immediate and high- 
performance connectivity anywhere, anytime, 
and on any device over Wi-Fi and public 4G 

and 5G networks. At the same time, wireless 


loT devices will become increasingly ubiquitous 
in all aspects of our lives. 
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Network impact 


While the network will continue to be a 
powerful ally in identifying and containing 
threats, network and security operations 


need to share data and integrate tools and 
Security workflows to best combat the continued 


rise in number and sophistication of attacks. 


Cybersecurity threats are becoming increasingly m addtion e network can extend the 


sophisticated and dangerous across a broader reach of IT into cloud environments to help 


attack surface that is no longer contained protect applications and data even when 


within well-defined and defended perimeters. not directly under their control. 


In particular, as workloads move off-premises, 
there is a danger that IT will lose visibility. 


Network impact 


The network will need to provide 
the end-to-end bandwidth and low- 


latency communications and dynamic 
performance controls required to enable 
such immersive experiences. 


Immersive experiences 


Increasing video usage and the emergence of 


virtual reality (VR) and augmented reality (AR) 
for improved collaboration, training, productivity, By ZU22, Internet video 


; 0) 
and remote working experiences will place ever o will represent 82% of 
greater demands on an organization’s network. 82 /o all business Internet 


traffic, VR/AR traffic will 
increase twelvefold, 
and Internet video 
surveillance traffic will 
increase sevenfold. !° 
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Not only is this dynamic technology landscape a reality for all organizations and their customers, but it’s 
also the engine for the digital economy. It’s no surprise then that IT is feeling the pressure to address all 
these trends with the right networking technology strategies, operations models, and talent. 


Figure 2 Technologies driving new network demands 
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The need for a new | | | 
: diverse and fast-changing set of users, devices, 
ki nd of network applications, and services. It needs to seamlessly 


— . i . and securely onboard this diverse set of devices 
In this increasingly demanding environment, 


there is a critical need for IT leaders to migrate to eNOS INET te CES ed Se! au Applicaton 


a radically new approach to networking. Speen: 


For an organization to flourish in the digital It also needs to ensure fast and secure access 


economy, the network needs to be able to adapt to and between workloads wherever they reside. 


, And for the network to function optimally, all this 
quickly to changing business requirements. 


, , needs to be achieved end to end between users, 
The network needs to support an increasingly 

devices, apps, and services across each network 
domain—campus, branch, remote/home, WAN, 
service provider, mobile, data center, hybrid 


cloud, and multicloud. 


Which means that organizations need a new, 
integrated architecture for each network domain, 
one that is customized to meet the specific 
needs of that domain and that provides a way 

to communicate and enforce consistent policy 
across all domains. 


Figure 3 Four primary objectives for the new network 
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Cisco experts envision the 
emerging network architecture. 


The majority of today’s networks are not yet 
ready to meet the demands of this emerging 
digital era. In our 2019 Global Networking Trends 
Survey, we found that while 39% of IT leaders 
believe that their networks are very well aligned 
to meet the demands of digital business, only 
19% of network strategists believe likewise. 14 


Yet there is reason for optimism. John 
Apostolopoulos, Cisco’s CTO for enterprise 
networking, anticipates a relatively short 
transition from today’s largely rigid, manually 
operated infrastructures to more agile, software- 
driven architectures that can “continuously 
adapt to meet the changing demands of the 
applications and services the organization 
depends on.” 


“Networks will operate as 
a system with increasing 
levels of autonomy, 
taking into account their 
own state, the dynamic 
state of all the users and 
applications, and the vast 
array of possible options.’ 


J 


- Ravi Chandrasekaran, SVP of engineering, 
enterprise networking, Cisco 


| 2020 Global Networking Trends Report Ar 


Introduction 


What will this emerging network architecture 
look like? According to Ravi Chandrasekaran, 
SVP of engineering, enterprise networking 

at Cisco, “Networks will operate as a system 
with increasing levels of autonomy, taking into 
account their own state, the dynamic state of all 
the users and applications, and the vast array of 
possible options.” 


We found that while 39% 
of IT leaders believe that 
their networks are very 
well aligned to meet 

the demands of digital 
business, only 19% 

of network strategists 
believe likewise. 


39% 


Key to achieving this more autonomous state will 
be Al, which will help IT teams quickly respond 
to changing network conditions, whether that 
means automatically changing traffic routes, 
requesting more bandwidth, requiring a policy 
change, or even refusing a new service request. 


Over time, by taking advantage of systemwide 
intelligence and automation, the network will 
become completely transparent to the user. It will 
simply be there, delivering secure connectivity 

to the services they need at the required level 
everywhere, at all times. 


While Apostolopoulos admits there is still a 
long way to go before networks will have all 
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the intelligence and power they need to deliver 
on this promise, he believes that the technical 
advancements needed to bring together Al- 
enabled service assurance, controller-based 
automation, natural language processing, and 
significant improvements in network security are 
well underway. 


Use case for the new network 


In 2025, a leading-edge enterprise network will 
be able to take a requirement communicated in 
natural language from any line of business and 
automatically translate that into a set of policies 
and automated actions that will ensure that the 


Figure 4 Use case for the new network 
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Introduction 


business need is continuously met across 

the network—all without impacting any other 
existing services. A network with these kinds 
of capabilities is what’s commonly known as an 
intent-based network. 


Here’s what a hypothetical use case for an 
intent-based network might look like. 


Overview: An organization wants to use wireless 
loT optical sensors to Support a new business 
innovation delivered through an AR application. 
Here’s how business need and intent would be 
translated into network action. 


Assurance and remediation: 
The network continuously monitors 
the performance and security of the 
sensors, applications, and traffic flows 
and offers recommended remediation 
to optimize the user experience. 


» Automated segmentation: 

The application services and traffic are 
confined to a separate segment in the 
; cloud that is automatically connected 
' to sensor segments in the campus and 
‘branch networks over the WAN. 
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classification: 

Sensors are automatically discovered, 
authenticated, and classified as optical 
sensors and put on the appropriately 
secured network segment. 


5] Automated device ~@ a w 4] Network policies: 
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Intent-based 
network 
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deliver a cloud-based augmented 
reality application. 


Business intent: 

Sensors should be highly secure; 
! the application is business 
‘Critical, while traffic is not highly 
time sensitive or latency sensitive. 


` - 


Intent translation: 

The network captures these 
requirements and translates them 
into network and security policies 
and actions. 


` , 


Translated policies are verified to be 
compatible with other policies and 
then automatically activated across 
all appropriate network devices. 
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The state of network architecture 


Where do organizations stand today in their journey toward a more advanced network that can meet 
the demands of the digital era? Cisco’s digital network readiness model provides a standard five-stage 
maturity model to help IT organizations assess their current level of network readiness and help them 
plan where they need to be in the future. 


The model can be applied across multiple network readiness categories such as architecture, access, 
WAN, assurance, network security, etc. 


Figure 5 Cisco digital network readiness model 
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Trends in 
network technology 


Five technologies that are shaping 
the new network 


At this very moment, a number of major networking technology developments are coalescing 
to form the foundation for a new networking model. Advances in five technology areas in 
particular—automation, Al, multicloud networking, wireless, and network security— 
promise to power the biggest wave of network transformation seen in decades. These 
technologies will support the market’s needs for increased scale, agility, and security and, by 
doing so, will enable the emerging trends that are changing the world as we know it. 
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Figure 6 Five technologies enabling network transformation 
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Technology: Network automation 


Network automation at scale 


Section summary 


Se Key takeaways 


Together, software-defined networking 
(SDN), intent-based networking (IBN), 
network virtualization, programmability, 

and open-platform network controllers are 
making automated alignment of network 
services to business needs and IT processes 
a reality. 


IBN augments the automation capabilities 

of SDN with the ability to translate intent 

into policy, gather data, provide visibility, 
remediate problems, and assure that policies 
are actually doing what was intended. 


The goal of IBN is to continuously apply and 
assure service performance requirements, 
security and compliance policies, and IT 
operations processes across the whole 
network. 


Application programming interfaces (APIs) 
on an open-platform controller allow 

the controller to integrate and exchange 
intelligence with adjacent network and 

IT services, other IT domains, business 
applications, and heterogeneous 
infrastructure. 


alll Key findings 


According to IT leaders, network automation 
(25%), SDN (23%), and IBN (16%) are among 
the technologies that will have the most 
impact on networking over the next five years. 


27% of IT leaders identified a siloed design 
and operational approach across access, 
WAN, data center (DC), cloud, and security 
domains as causing an obstacle to their 
adoption of advanced network technologies. 


34% of IT leaders identified better network 
coordination and integration with other IT 
teams as an important area for improvement. 


While only 4% of IT leaders and network 
strategists classify their network as an intent- 
based network today, 35% plan for their 
network to be intent-based within two years. 


ajaj 
cisco 


Section summary 
(continued) 


Essential guidance 


IT leaders should assess their network 
readiness to deliver network services at a 
pace that the business needs. 


Explore building a roadmap that delivers 

on a strategy of closed-loop intent-based 
networking across each network domain in 
incremental steps that each deliver the best 
ROI to the organization. 


Identify and prioritize the IT processes and 
business applications that will benefit most 
from integration with an open-platform 
network controller. 


C= Top prediction 


“The long-held vision of end-to-end intent- 
based policy enforcement will start to be a 
reality by 2025. Networking teams will be 
able to automate dynamic segmentation and 
service optimization polices at scale across 
domains (access, WAN, DC, multicloud, loT) 
all the way from client to application and 
between distributed workloads.” 


— Ronnie Ray, VP of Customer Experience 
for enterprise networking, Cisco 
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Technology: Network automation 


Network automation 
at scale 


Network automation, of course, is the process 
of automating the configuration, management, 
testing, deployment, and operation of physical 
and virtual devices within a network. Even 
network optimization itself can be automated to 
create continuous service enhancements. 


According to Gartner, 
“Approximately 70% of 
data center networking 
tasks are performed 
manually, which 
increases time, cost and 
likelihood of errors and 
reduces flexibility.” 1° 


70% 


Automation can improve network availability and 
relieve network operations (NetOps) teams from 
time-consuming daily tasks, so its not surprising 
that when asked which technologies would have 
the biggest impact on networking over the next 
five years, 25% of IT leaders pointed to network 
automation. '4 


Innovations in the areas of SDN, IBN, 
virtualization, programmability, and open platform 
controllers are making automation a reality for 


networks today. 
25% of IT leaders 
250 \ believe automation will 
9% have the biggest impact 
on networking over the 
next five years." 
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Software-defined networking: 
Just the beginning 


Over the last few years, SDN has offered a 

big step forward in enabling networkwide 
automation. SDN allows networking teams to 
manage networks as end-to-end systems, 
making management more efficient and flexible 
by separating the control and forwarding planes. 


As a result, the control plane is directly 
programmable. It abstracts the underlying 
devices and infrastructure from applications 

and network services. Network intelligence is 
logically centralized through programmable SDN 


controllers. 


SDN was initially introduced to simplify complex 
data center environments that needed to 
support portable, dynamic workload migrations 
and server-to-server traffic. The same principles 
underlie software-defined access (SD-Access), 
which helps secure user and device access 
more effectively, and software-defined WAN 
(SD-WAN), which can enable better user 
experiences accessing applications and cloud 
services. 
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Intent-based networking: 
Closing the loop 


The primary objective of network teams is to 
continuously deliver application and service 
performance and protection for the business. 
So while SDN offers important advances in 
automation, it is only part of the solution. 
Organizations also need continuous network 
monitoring and optimization to support 
increasingly dynamic and digitally driven 
business models. 


To achieve this, networks must understand the 
changing intent of the business and monitor 
dynamic network conditions so they can 
continuously accommodate that intent. According 
to an Internet Engineering Task Force (IETF) 
draft, “Intent constitutes declarative policy with a 
networkwide scope. A human operator defines 
‘what’ is expected, and the network computes a 
solution meeting the requirements.” '® 


Intent-based 
networking is a 
relatively new 


was first introduced 
to the market in 201 7 
and has since been 


adopted broadly by the 


networking industry. 


To be of use, the system also needs to 
continuously verify that the intent is being met, 


networking model that 
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and if not, provide Figure 7 IBN: Building on SDN fundamentals 

guidance on SOFTWARE- INTENT- 
g . DEFINED BASED 

how to rectify it. 

Gartner states 

that “policy-based Input intent 

configurations will 


Translate to policy 
transition to intent- 


Check integrity 
based networking 
(IBN) solutions with 
automation that 
will self-monitor, Orchestrate policies 
ensuring that the Automate network configurations 
network actually 
meets the intent of 


the policies set at 


configuration time.” 15 


In our 2079 Global 
Networking 


Trends Survey, we 
found that 26% of 
network strategists 


Continuous verification 


Corrective actions 


. o o., rovided by IBN is fundamental hi h 

identified deploying intent-based networking in ‘aioe l yee Ube Neral lk 
T desired benefits. '” 

one or more domains as a technology priority for 


achieving the ideal network. And while only 4.3% An intent-based network captures business 
of respondents class their network as an intent- intent and uses analytics, machine learning, 
based network today, 35% plan for their network machine reasoning, and automation to align 
to be intent-based within two years.'* the network continuously and dynamically to 


changing business needs, as well as adapt to 
John Apostolopoulos explains that an IBN = g p 
; changing network loads and other environmental 
controller expands on SDN to deliver a more , 
. , effects. That can mean continuously applying 
complete system for continuously adapting the $ l F 
. , . . and assuring service performance requirements 
network to achieve the desired business intent. It i g p i ? i 
, ae ; and user, security, compliance, an operations 
augments the automation capabilities of SDN with Ea 7 P P 
is I , ; policies across the whole network. 
the ability to translate intent into policy, gather 


data, provide visibility and relevant insights, and How does intent-based networking work? Cisco’s 
then assure that the network is actually doing definition of IBN involves three functional building 
what was intended. The closed-loop feedback blocks: translation, activation, and assurance."® 
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Figure 8 Elements of an intent-based network 


IT intent @ a3 Business intent 


: Capture business intent, 
Translation + translate to policies, and 
check integrity 


Continuous Orchestrate ‘ 
verification insights, policies and T 
visibility, and automate systems h 

tf 


corrective actions configuration , 
a 


Physical and virtual infrastructure 


= BOF 
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IT leaders are pressed to deliver services Network functions virtualization 


faster and more efficiently in collaboration 


and competition with cloud services. From The virtualization model that has radically 


a technology perspective, the compute, altered compute services has been adopted 


processing power, and AI expertise required for in networking in the form of network functions 


IBN are becoming more readily available. virtualization (NFV). It allows NetOps to quickly 


deliver or change network services and deploy 
and administer them remotely. In addition to 


IDC’s Rohit Mehra says, IT agility, NFV delivers substantial physical 
“Intent-based networking is consolidation, saving space and power and 
a significant develooment creating fewer points of potential failure. 
for the networking industry. 7 

It encompasses not only Programmability as a 
advanced levels of visibility, network foundation 


automation, and assurance, 
but it is the platform on 
which new machine learning- 
based network management 
functionality will be built.” 19 


For IBN controllers and systems to be scalable 
and achieve their full potential, they need to 
build on a programmable physical or virtual 
network infrastructure. Programmable devices 
and interfaces and programmable application- 
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specific integrated circuits (ASICs) form the 


underlying foundation for an intelligent network. 


To adopt more efficient, automated systems, IT 
teams continue to move away from traditional 
command line interface (CLI)-based manual 
management approaches. Instead they are 
adopting data model-driven interfaces (DMI). 
These standard model-based interfaces provide 
consistency, openness, structure, and efficiency. 


Leading the way toward a sustainable operational 
model that offers consistency and ease of use, 
IETF standard models like YANG provide a full set 
of northbound programmatic interfaces. 


Open-platform IBN controllers: IT 
process and business integration 


Application programming interfaces (APIs) on the 
controller allow the controller to integrate and 
exchange intelligence with adjacent network and 
IT services, other IT domains, line-of-business 


applications, and heterogeneous infrastructure. 
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This turns the network into an open platform 

that can accept policy specifications from 
applications and devices, take advantage of 
centralized cross-domain policy automation, and 
verify that the system is meeting the needs of 
the business. This improves IT service delivery by 
streamlining workflows across network domains, 
IT systems, and line-of-business processes that 
used to be managed independently. 


In our 2019 Global Networking Trends Survey, 
34% of IT leaders identified achieving better 
network coordination and integration with other 
IT teams as an important area for improvement. 14 


Figure 9 Open-platform controller for integration 
with business applications, IT services, and 
network domains 


With API and software development kit (SDK) 
network extensibility, IT can better align to the 
needs of business and IT apps, streamline 

operations, and ensure investment protection. 
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Cross-domain policy and However, in many cases that’s not easily 


. . hi l 201 l IN ki 
assurance alignment: Client POIR E U A A EOR 
Trends Survey, 27% of IT leaders identified a 


to workload “siloed design and operational approach across 
Networking teams need to work together to access, WAN, DC, cloud, and security domains” 
achieve end-to-end network alignment to as causing an obstacle to their adoption of 
business intent. That means creating a seamless advanced network technologies. '* 


link from wherever the client or “thing” is 
For good reason, the network is normally split 
connecting to the network to wherever the 
be ie into domains that are generally organized around 
service or application is hosted. a 
the domain’s primary objective. However, to 


achieve true end-to-end visibility, control, 


Current Analysis: For an and validation of business intent, policy and 
enterprise to be successful assurance capabilities need to be orchestrated 
with intent-based across domains. 

networking, it needs to fully 

embrace automation in the IT leaders are taking measures to achieve this, 
data center, the campus, with 26% of IT leaders identifying “integrated 
the wide area network, multidomain network policy enforcement and 
and in the branch.2° assurance” as a top priority for increased 


investment. '4 


Figure 10 Policy and assurance: Alignment across all IBN domains 
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Al-enabled assurance 


Section summary 


ave Key takeaways alll Key findings 

oj} \o 
The use of artificial intelligence (Al) is - Over 50% of network strategists identify Al as 
becoming critical for operations, service a priority network investment. 


a Only 17% of network strategists believe a 


AlOps-the combination of Al capabilities lack of maturity in Al technologies poses an 


CMOS SU T E ec Mc obstacle to network modernization. 


established category. 
Only 22% of networking teams are using 


Vins eplesu tm uaiiie We) Units: any Al for network assurance today, possibly 


GleiclalenetoNuticlelt=yeliel lel) (oleic) because the availability of genuine Al- 


Mike Meio eios sip i Mice deins cine enabled tools is still quite new. 


microservices, and ever-increasing security 


7 : ; 
threats is overwhelming network teams. 72% of network strategists project using 


Al-enabled predictive insights or prescriptive 


pia e nair Ol let), ele aA eine remediation within the next two years. 


events generated by networks supporting 
increasing numbers of devices and services 


are exceeding the ability of human operators 

alone to take action. Essential guidance 
Fundamental to an intent-based network 

(IBN) model, Al uses the voluminous - Take advantage of cloud-based Al learning: 
network-sourced data to explore the In some cases, changes in corporate data 
complexity of the environment and policies will be required to take advantage of 
dynamically propose network adjustments. the benefits of cloud-enabled Al tools. 
Machine learning and machine reasoning - Human and Al interlock: Progressively define 
complement each other to deliver complex how far Al can go in making decisions or 
event processing, correlated insights, and taking action before a human operator needs 
guided remediation. to get involved to monitor, approve, or make 


a change. 
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Section summary 
(continued) © 


Al knowledge: Expert networking 
knowledge will be a premium skill set 
needed to verify that Al is achieving IT 
and business objectives as intended. 


C= Top prediction 


“By 2025, Al-enabled network assurance 
tools will fully automate several well-defined, 
specific tasks very well. However, the majority 
of operational tasks that demand more flexible 
and contextual decision making will still require 
the expertise and intervention of human 
operators.” 


— JP Vasseur, Cisco fellow, Cisco 
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Al-enabled assurance 


Al is driving powerful transformations across 
a variety of industries and is now becoming 
critical for IT operations, where AlOps is 
becoming a well-established category. 


What are Al, ML, and MR? 


Simply put, Al is a field of study that gives 
computers human-like intelligence when 
performing a task. Two of the most important 
categories of Al are machine learning (ML) and 
machine reasoning (MR). Machine learning 

can be described as the ability to “statistically 
learn” from data without explicit programming. 
Machine reasoning uses acquired knowledge 
to navigate through a series of possible options 
toward an optimal outcome. 


As such, ML enables a system to scrutinize 
data and deduce knowledge. It goes beyond 
simply learning or extracting knowledge to 
utilizing and improving knowledge over time 
and with experience. In essence, the goal of 
ML is to identify and exploit hidden patterns in 
“training” data. 


MR is well suited for solving problems that require 
deep domain expertise. Humans need to explicitly 
capture all the knowledge a priori in order for 

a machine reasoner to be able to operate on 

new data. MR is a wonderful complement to ML 
because it can build on the conclusions presented 
by ML and analyze possible causes and potential 
improvement options. 
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Network complexity fuels 
Al adoption. 


A number of factors are fueling the drive to Q 7 % 
Al-enabled networks. With unprecedented 

increases in network complexity and scale, Al 

is becoming increasingly necessary to help IT 


teams deliver consistent network and service The cost of network outages 


levels. 97% of global IT leaders surveyed said 
they’d had performance issues related 
to business-critical applications in the 
previous six months. The average cost 
per network outage? USS402,542 in 
the United States and USS212,254 in 
the United Kingdom.?! 


Networks are supporting explosive growth 

in traffic volume, connected mobile and loT 
devices, and interconnected applications and 
microservices. Today’s networks are also 
generating massive amounts of data that exceed 
the ability of human operators alone to manage, 
much less understand, in a timely manner. 


Figure 11 Network complexity of hyperconnected organizations 
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Al offers the potential for network teams to 
better use this data to ensure that their networks 
run effectively and in continuous alignment with 
business needs. For example, it can help create 
better baselines, accurately predict problems, 
and help with troubleshooting of complex 
systems. 


Network strategists already acknowledge this 
fact. More than 50% identify Al as a priority 
investment needed to deliver their ideal 
network,'* while only 17% believe that a lack of 
maturity in Al technologies poses an obstacle to 
network modernization. '4 


Using the voluminous network-sourced data, 
Al learns the complexity of the communications 


Figure 12 Intent-based networking powered by Al 
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and networking environment and can dynamically 
propose adjustments to the network. This 
capability makes Al fundamental to an IBN model. 


Al and advanced networking technologies like 
IBN are clearly disrupting how things are done, 
especially for networking operations. Testing of 
new applications can happen in minutes instead 
of weeks. Troubleshooting network issues gets 
significantly easier when an assurance engine 
identifies root causes and recommends fixes. 

In fact, when armed with powerful dashboards 
that offer actionable insights, a future network 
operator may only need to look in a handful of 
places, aS opposed to plowing through heaps of 
possible causes. 


IT intent @ 23 Business intent 


Translation 


a 
AN 


- Translation of “what” to “how” 


- Natural language processing (NLP) 


- Gain useful - Automate device 
insights from data a ae classification 
g P ee Assurance È Al-enabling Aciveiro B , 
- Expert guidance IBN - Automate policy 


for remediation 


creation 
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Physical and virtual infrastructure 


bind 
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How are ML and MR applied in a 
network context? 


As noted above, an important element 

of network operations and intent-based 
networking is network assurance, which is the 
continuous verification that the network state 
and behavior are coherent with the desired 
intent. Machine learning and machine reasoning 
offer unique capabilities that operators can 

use to assure required network performance, 
especially around the following three main 
assurance areas (see Figure 13 below.): 


Complex event processing: When 
applying ML to network telemetry, it is 
possible to establish dynamic baselines 
of what constitutes normal operating 
conditions for a given intent. 


Correlated insights: ML can provide 
deeper insights and visibility into the 
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operation of the network and even help 
predict when an anomalous condition is 
likely to occur in the future. MR enhances 
the power of ML by applying preloaded 
expert knowledge captured from 
troubleshooting workflows of similar issues. 


Remediation: Remediation allows for 
constant alignment to intent by identifying 
the most appropriate corrective actions 
using knowledge bases provided, for 
example, with MR.?? 


Current and future state of Al for 
network assurance 
Data from our 2019 Global Networking Trends 


Survey sheds light on where organizations are in 
their adoption of Al-enabled network assurance. 


Using our standard five-stage readiness model 
to measure estimated state of readiness, 


Figure 13 ML and MR use cases for network assurance 
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only 22% of network strategist respondents solutions are still relatively new. However, 72% 
reported utilizing any Al capabilities for network of respondents do plan to achieve Al-enabled 
assurance today. This can be attributed to the predictive insights or prescriptive remediation 

fact that genuine Al-based network assurance within the next two years.'4 


Figure 14 Al-enabled assurance readiness 
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Where organizations are now 


Where they plan to be in two years 


Question: Which statement best describes your organization’s current approach to performance visibility and analytics? 
Source: 2019 Global Networking Trends Survey; n = 1556 network strategists 
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Considerations for going 
forward with Al 


According to Cisco fellow JP Vasseur, when 
evaluating the use of Al in the network 
infrastructure, the following items need to be 
considered: 


@ Create operational best practices: Knowing 
what Al cannot and should not do is just as 
important as understanding what it can do. 
When determining which areas of the business 
could benefit the most from Al, be sure to also 
identify areas that present the highest risk and 


exposure. 


@ Defining a clear objective function: There is 
no algorithm capable of extracting interesting 
facts from a data set without the ML team 
clearly specifying the objectives. Being able to 
clearly state the goal and performance metrics 
before starting the ML journey is of the utmost 


importance. 


(3) Human and Al interlock: Defining how far Al 
can go in making decisions or taking action 
before a human needs to get involved to 
monitor, approve, or make a change is critical 
for the business and for the network team’s 


ability to stay in control. 


4) Al knowledge: An increasing reliance on Al 
has the potential to create knowledge gaps, 
so expert networking knowledge will be a 
premium skill set needed to verify that Al 
is achieving IT and business objectives as 
intended and to help operators make the right 
choice out of options recommended by the 


Al system. 


tt 
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(5) Data dependency: Get better at collecting data. 


Al is dependent on mathematical computations 
for creating actionable insights, and those 
computations are only as good as the quality of 
the data they are using. Networking experts will 
need to work across functions and domains to 
ensure that data quality can be trusted for 


Al initiatives. 


O Where do you apply Al: Where Al gets applied 


depends on the performance, security, data 
capacity, and privacy of an application and 
data. Although there are some instances of 
on-premises model training, the most common 
application today is cloud-based machine 
learning. Cloud provides the compute and 
storage Capacity to learn and execute ML from 
huge amounts of aggregated, anonymized data 
from multiple sources. In some cases, this can 
raise privacy concerns in terms of who has 
access to that data and even in which geography 
that data is stored. Also, be aware of latency 
implications that might affect real-time insights 
for large data sets, which could occur, for 
example, with video sensors that produce huge 


amounts of data. 


@® Changing the corporate paradigm: Aligning 


your company’s data policies to take advantage 
of cloud-based Al is ideal. By tethering millions 
of systems to a single Al analytics engine, a 
data sample size can be reached that can 
provide exponentially better results than the 
same technology that is fed by data from a 
single network experience. IT teams can be 
key in planting the seeds today that will lead to 
the cloud-friendly policies that will support the 


deployment of Al. 
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Networking for data and applications 


in multicloud environments 


section summary 


ave Key takeaways - 29% of IT leaders and network strategists 
es believe that within two years, they will have 


All companies will need cloud-based intent-based networking capabilities across 


services, but there will always be a need to UMA OAT, E a ON. 


: environments. 
keep some data and workloads on-premises. 
oe ee : Increased reliance on cloud is driving 
Monolithic applications are in many cases 


: a ee . f increased WAN traffic, with global business 
dissolving into interconnected microservices 


that are delivered via a variety of virtual and [PIN AE c oe S Awe ohy 


physical workloads located in containers, E a (SEA TIMNGI MM 

on-premises, in the cloud, and at the - Over 58% of organizations globally have 

enterprise’s network edge. already deployed SD-WAN in some form, and 
A . 

A distributed data center does not work like Ove Gl ON espouse as eiee ney! sul 


aE have a basic or more advanced intent-based 
a traditional one, so IT organizations need to 


adapt to meet the increased application and A e a 
network connectivity demands of this new 


architecture. 


SD-WAN, direct cloud access, colocation Essential guidance 


facilities, and cloud exchanges, along with 


more affordable high-bandwidth broadband - Identify the most mission-critical cloud-based 
and 5G services, are emerging as important applications and services, and prioritize any 
new architecture elements to ensure that SD-WAN plans to access and protect those 
cloud services can effectively and affordably applications first. 


deliver on business requirements. i f , 
Extend consistent policy-based automation 


across hybrid and multicloud, being careful 


to consider any platform, any hypervisor, or 
alll Key findings any container framework across any location 
and any workload (cloud native, bare metal, 
SDN/NFV is already transporting 23% of traffic hypervisor, container, and serverless). 


within enterprise data centers, a number that is 
expected to grow to 44% by 2021. 
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Map application services, workloads, and 


Section summary 


(continued) 


service components to the “expanded” 
network to gain a better understanding 
of what applications, services, and 
microservices are on the network. 


Data center, cloud, and network teams 
should collaborate to develop service 
consistency across campus, branch, data 
center, edge/loT, and public cloud/SaaS 
provider domains. 


Applications and services will require 
continuous integration and delivery between 
on-premises and cloud workloads, and 
enterprises that implement the operational 
processes to interconnect and support this 
model will reap the speed and flexibility 
promised by the cloud. 


C= Top prediction 


“By 2025, I expect to see 20% of workloads 
distributed at the edge of networks outside 
of enterprise and multicloud data center 
environments. That means one-fifth of traffic 
that would have generally been confined 
within a data center will now need to be 
assured and protected across the enterprise 
and multicloud network.” 


— Vijoy Pandey, vice president and 
CTO of Cloud Platform and Solutions 
Group, Cisco 
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Networking for data and 
applications in multicloud 
environments 


The need for speed and innovation is pushing 

IT organizations to modernize existing apps and 
rapidly develop new apps that enable access to 
information on any device at any time. Today’s 
app developers and business users appreciate the 
agility, scalability, and self-service of the cloud. 


However, while 85% of IT organizations are 
evaluating or already using public cloud, the 
move to the cloud does not tell the full story.7° In 
fact, the phrase “the move to the cloud” has not 
proven to be completely accurate. Vijoy Pandey, 
vice president and CTO of the Cloud Platform and 
Solutions Group at Cisco, says, “Over the last few 
years, as valuable workloads attempted to migrate 
to the public cloud, it became apparent that it 
wasn’t a binary situation and there were some 
workloads, and critically, some data, that needed 
to be local.”*4 


Of organizations that are using 
public cloud today, 85% are 
pursuing a multicloud strategy, 
increasing to 94% within 12 
months.?° 


Pandey also notes that the decision to keep data 
on-premises derives from a number of concerns, 
including regulations and data protection: 
“Another concern is if you need a lot of insight 
from your data, you need to do a lot of data 
crunching. For all those workloads, you need 
local compute and local networks. While there 
will be a need for cloud-based services for all 
companies, the need for on-premises will never 
disappear. That’s why | think making the bet on 
multicloud and hybrid is the way forward.” 
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The network impact of changing application models 


Traditionally, a network’s performance focused on two main elements: 


The communication between the client and the monolithic service or application, typically hosted in a 
central data center 


The intra-data-center communication between servers and networked storage 


Figure 15 Before: Client to service and interworkload communications 
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But this approach is no longer sufficient as application teams continue to adopt more agile application 
models that are less monolithic and composed of multiple workloads or service components that are not 
always colocated, but rather distributed, beyond the data center and on-premises environments. 


Figure 16 After: Client to service and interworkload communications 
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While some IT teams may believe that a move to 
the cloud means the network becomes less of a 
consideration, nothing can be further from reality. 
Data center and cloud teams can no longer 

work separately from networking teams, a fact 


Technology: Multicloud 


that IT leaders have already recognized. They 
now identify network investments to support 
multicloud environments (public, infrastructure as 
a service [laaS], or SaaS) as one of their highest 
priorities. ' 


Figure 17 IT teams prioritize investment in networking for multicloud environments 
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Better supporting deployment of multicloud environments (public laaS or SaaS) 


Developing network operations process improvements to accelerate application 
deployments and reduce costs 

Better protecting the organization’s network, applications, and data 
Collaborating with lines of business to develop network-enabled 

business innovations 


Integrated/automated process workflows with other IT systems 
(for example, SecOps, IT service management [ITSM]) 

Integrated multidomain network policy enforcement and assurance 
Building network DevOps capabilities 


API-based programmable network alignment to business/application needs 


Providing network analytics and insights for enabling innovation in the business 


Question: If you were able to reduce the time spent on maintaining status quo activities, on which of the 
following value-added services would you put more focus? 


Source: 2019 Global Networking Trends Survey; n = 505 IT leaders 


According to Tom Edsall, Cisco’s CTO for data 
center and emeritus advisor, “As applications, 
workloads, services, and data become more 
distributed across the entire edge-cloud 
continuum, there is an added responsibility on IT 
as a whole to ensure that services are delivered 
securely and reliably and with the desired 
performance, irrespective of their physical 


location. Data center professionals must now 
collaborate more closely than ever with teams 
responsible for branch/edge, WAN, and campus 
networking.” 


Given these ongoing changes, where do IT and 
networking leaders need to focus their efforts 
today? 
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Expansion into the hybrid and multicloud world 
means managing ever-changing variables (apps, 
data, users, and devices) that span every domain 
of the enterprise. As a result, infrastructure and 
operations (I&O) and networking teams must 
work together to tackle everything from the 
networking implications of public cloud and 

SaaS providers to the impact on their on- 
premises environments. 


To help understand the challenge, we will look at 
networking requirements through two lenses: 


Optimizing user-to-multicloud connectivity 


Networking for an anywhere data center 


Figure 18 The changing WAN landscape 
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Multiprotocol Label 
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Optimizing user-to-multicloud 
connectivity 


The emerging predominance of cloud services 
means that remote connectivity to those services 
becomes more critical than ever. It also means 
that traditional wide area network architectures 
that focused on connecting remote sites to 
centralized data centers are no longer optimal. 


© 


Data center Internet 


O Internet 
B Data center 


Multicloud 


Edge/ 
microservices/ 
containers 
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Now that SaaS, laaS, and distributed edge 
services can be hosted anywhere there’s a 
network connection, a legacy hub-and-spoke 
WAN architecture can hold organizations back. 


2X 


The increased reliance 
on cloud is also driving 
increased WAN traffic, 
with global business IP 
WAN traffic expected 
to grow twofold by 
2022, reaching 5.3 
exabytes per month. '2 


SD-WAN, direct cloud access, colocation 
facilities, and cloud exchanges, along with 

the availability of affordable, high-bandwidth 
broadband services, are emerging as important 
new architecture elements to ensure that cloud 
services can affordably deliver on business 
requirements. 


IT teams need 
the same control 


—= in multicloud 
=——0 —— environments as in 


their own networks so 
they can continue to 
deliver the service that 
the business expects. 
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SD-WAN 


SD-WAN is a software-defined approach to 
managing the WAN that allows a centralized 
controller to optimize the multicloud application 
experience and greatly simplify WAN operations. 


The recent rapid adoption of SD-WAN indicates 
that it provides many answers to the growing 
demands of the cloud. And in fact, the cloud is 
the biggest driver for this SD-WAN adoption. 
Nearly 75% of respondents in IDC’s SD-WAN 
survey stated that SaaS/cloud services are 
important (or very important) to current WAN 
technology choices.?° 


This is not surprising, as traditional options and 
services used for connecting to the virtual private 
cloud provided by cloud service providers leave 
enterprise networking teams with limited control 
in a multicloud scenario. 


According to our 2079 Global Networking Trends 
Survey, over 58% of organizations globally have 
already deployed SD-WAN in some form, and 
over 94% of respondents believe they will deploy 
some form of basic or more advanced SD-WAN 
implementation within the next two years. "4 


Also, as 5G services become more widely 
available, SD-WAN will seamlessly integrate 
them into a transport-independent framework for 
maximum flexibility and performance, improved 
always-on backup, and reduced cost. 
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Figure 19 WAN for multicloud readiness 
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Question: Which statement best describes your organization’s current approach to 
designing, deploying, and managing your WAN architecture? 


Source: 2019 Global Networking Trends Survey; n = 1556 network strategists 
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Direct cloud access 


The traditional approach of backhauling branch 
traffic over expensive WAN circuits to the data 
center or a centralized Internet gateway via 

a hub-and-spoke architecture can hinder a 
transition to cloud services. It also adds expense 
and introduces latency that degrades the user 
experience. 


Until now, network architects have been stuck 


£ 


with this approach because of the cost and 


complexity of the alternative, which requires 
deploying and managing distributed security 


capabilities such as firewalls, URL filtering, and 


services. This simplifies policy management 


DNS protection at each branch router. ae 
across remote sites and automates provisioning 


Now, however, “direct cloud access” or “direct of new network services in minutes while 
Internet access” capabilities can securely enforcing multilayer security, including 
connect users directly from the branch to cloud encryption, authentication, segmentation, firewall, 


and DNS enforcement. 


Figure 20 Secure SD-WAN with direct cloud access and colocation hubs 
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Colocation and cloud exchange 


While carrier-neutral colocation (colo) facilities 
are not new, they take on a much-expanded 
role in the age of multicloud and are a critical 
component of the new cloud-optimized WAN 
architecture. In essence, colo facilities like those 
provided by Equinix and other interconnection 
services become an extension of the enterprise 
WAN, providing visibility, high-performance 
access, and centralized security to multiple SaaS 
and laaS providers. (See Figure 20 above.) 


Networking for an 
anywhere data center 


Today’s data centers are no longer single 
locations. The emerging “distributed data center” 
is a result of applications and data that live both 
on- and off-premises in hybrid, multicloud, 

and edge environments. But a distributed data 
center doesn’t work like a traditional one. IT 
organizations need to adapt and shift their 
technology and operations to meet the increased 
application and network connectivity demands of 
this new architecture. 


An anywhere data center requires IT teams to 
ensure technology and operational consistency 
on-premises, across the enterprise edge, and in 
hybrid and multicloud environments. 
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Automation 


The growing scale, complexity, and workload 
portability within data centers is forcing network 
administrators to replace manual processes and 
apply automation tools to managing network 
policies and connectivity. 


The adoption of software-defined networking, 
automation, and NFV for Layer 4 to 7 services 
puts data center networks in a viable position to 
support an agile on-premises cloud environment. 


Almost 60% of IT 


leaders and network 


Strategists state 
they have already 
deployed some 
form of SDN in 
their data centers. '* 


60% 


This allows workload-centric orchestration 

of the network together with compute and 
storage services. In fact, you could consider a 
data center network that has not yet adopted a 
controller-based, API-driven DevOps model as 
behind the times. 


Almost 60% of IT leaders and network 
Strategists state they have already deployed 
some form of SDN in their data centers. '4 
SDN/NFV is already transporting 23% of traffic 
within enterprise data centers, a number that 
is expected to grow to 44% by 2021.78 Those 
data centers without SDN will struggle to 
support agile and flexible application models. 
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Intent-based networking for 

the data center 

Building on SDN fundamentals, intent-based 
networking lets data center teams achieve a 
holistic closed-loop validation architecture that 
analyzes data center behavior in real time against 
defined policies and enables an efficient and 
reliable method to make changes in the network. 
This allows IT teams to keep up with dynamic 
workload changes and continuously align to the 
application needs of the business. 


In a data center scenario, it is also very important 
to validate policies before activating them. With 
IBN, this can be achieved through continuous, 
automated, and networkwide verification, 
including compliance policies. 


Extending IBN to 
multicloud environments 


To ensure desired service levels and security for 
today’s organizations, data center teams need to 
extend control and visibility beyond on- 
premises environments. IT teams can extend IBN 
policy-based automation and enforcement to 
multicloud environments so that they can deploy 
policy consistently to workloads regardless 

of location. 


Within two years, 29% of our 2019 Global 
Networking Trends Survey respondents plan to 
have intent-based networking capabilities that 
maintain business-intent alignment by assuring 
automated network actions across multicloud 
environments. '4 


Tom Edsall, Cisco’s CTO for data center, 
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explains that “IBN is the boldest and most all- 
encompassing effort by the networking industry 
to create a system-wide networking model that 
addresses all the latest technology trends and 
fast-changing needs of agile organizations.” 


The key to a successful on-premises, multicloud, 


“Intent-based networking is 
the boldest and most all- 
encompassing effort by the 
networking industry to create 
a systemwide networking 
model that addresses all the 
latest technology trends and 
fast-changing needs of agile 
organizations.” 


— Tom Edsall, CTO for data center 
and emeritus advisor, Cisco 


or hybrid implementation is to keep it simple. To 
achieve this, network architects should consider: 


No overlay network in the cloud 


No agent dependency, which allows broad 

applicability for any workload 

Adaptability to the scale of the cloud 
Underlying network infrastructure 
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In the data center, the underlying network According to the Cisco Global Cloud Index, by 
infrastructure needs to provide open 2021, traffic within the data center will account 
programmability and telemetry to support the for 72% of all data center traffic and will far 
automation and analytics that are central to IBN exceed data-center-to-user (15%) and data- 
systems. Data center network infrastructure center-to-data-center (14%) traffic.?° 


also needs to keep up with massive increases 


in traffic. Global data center IP traffic will grow Ongoing increases in Ethernet switching 
performance will be required to support the 


increased needs of compute traffic as well as 


Global data center file-based and even some block-based 
x IP traffic will grow storage traffic. 
threefold over the next 
five years.’ 


threefold over the next five years. Overall, data 
center IP traffic will grow at 25% (compound 
annual growth rate) through 2021.78 


Network infrastructures need the flexibility and 


By 2021, traffic within 
the data center will 
O 
[2 /o account for 72% of all 
data center traffic.?° 


With switched 400 Gbps now becoming 


mainstream, and IEEE specifications for 800 


Gbps and even 1.6 Tbps in the works, the 


capacity to support both high-performance attractive capital and operational benefits of 


client-to-application (north-south) traffic Ethernet make it inevitable that it will become an 


and, increasingly, server-to-server or VM-to- alternative to the more traditional fiber channel 


VM (east-west) traffic. Today, this is typically switching for some workloads. 
done with a flat “spine-and-leaf” architecture 
supported by one or more control-layer overlay 


protocols. 
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Co nS j de rati ons wh en arc h itecti n g 4) Map application services and workloads 


your network for mu Iticloud and service components to the expanded 
network: Network strategists and practitioners 


In this expanded, more distributed application need a good understanding of what 
environment, network and cloud architects, applications, services, and microservices are on 
data center executives, and infrastructures and the network. 


operations teams need to develop a network 


_ a eee licati f n 
strategy that will optimize the application © Prioritize application performance: in your 


. or . D-WAN strat : Identif r most mission- 
experience. Here are some initial things to > eee E T 


, ; critical cloud-based applications and services, 
consider when doing so: 


and prioritize your SD-WAN plan to support 


@ Look to the organization’s application those applications first. 
strategy: It begins with the application. IT f o . 
, © Bridge access policy and application policy 
and network strategists should have a good 


across network silos: To deliver policy-based 
understanding of the organization’s expanding 
secure segmentation everywhere, consider 
workload and data footprint. E 
how IBN systems can map groups and policies 


@) Collaborate to bring consistency to between different network domains, such as 
multicloud: Organizations need their multicloud WAN and data center. 
environment (including on-premises) to work 
Q Build out NetDevOps skill sets: As workloads 
as one. Amid all the complexity, the data center 


and services require on-demand network 
and network teams should collaborate to develop l , E 
, , services, not just within a data center but 
consistency across their campus, branch, , f 
, between remote locations, they will need to 
data center, edge/loT, and public cloud/SaaS a 
ne a make their needs clear to the network. This will 
provider domains in order to gain optimized 
a require NetDevOps skill sets that understand 
cost, performance, visibility, security, and user a 
; how to bridge application requirements to 
experiences. 7) 
network policies. 


® Extend policy-based automation consistency 
© Augment SDN with Al advances: Use Al 


capabilities to accelerate troubleshooting, 


across hybrid and multicloud: Teams should 
consider implementing policy-based automation 
, , enhance change management, and assure 
across any platform, any hypervisor or container 
, compliance. 
framework, any location, and any workload 
(cloud native, bare-metal, hypervisor, container, 


and serverless). 
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Network access and wireless 


Section summary 


S Key takeaways 


Emerging capabilities such as OpenRoaming 
will provide seamless, always-on, and secure 
global roaming between different Wi-Fi 6 
networks and public 5G networks. 


Networking teams need improved analytics 
and Al-enabled capabilities for wireless 
planning, health monitoring, troubleshooting, 
and remediation. 


IT teams need to manage, administer, 

and propagate consistent access policy 
automatically across different access 
networks to better protect applications, data, 
users, and devices. 


Wireless networks will need to identify 
and dynamically support the demands of 
new immersive media applications and loT 
devices. 


alll Key findings 


Globally, wireless devices will account for 
43% of all networked devices by 2022. 


lol M2M devices will account for 51% of all 
networked devices by 2022, with the majority 
being wirelessly connected. 


35% of network strategists recognize 
troubleshooting networking issues as the 
most resource-intensive and time-consuming 
activity for network operations today. 


34% of organizations still use a manual 
approach to managing access across wired 
and wireless networks. 


40% of organizations provide policy 
automation and segmentation for reducing the 
threat surface, with another 15% leveraging 
Al-enabled access solutions. 


Within two years, 27% of organizations plan 
to have an intent-based networking access 
model in place. 


Essential guidance 


Consider how Wi-Fi 6 and 5G will affect your 
organization’s future business requirements, 
and shape your wireless strategy accordingly. 


Build a roadmap for automating the secure 
onboarding and segmentation of all mobile 
and loT devices. 


Explore the use of automated device 
classification to enable secure, large-scale 
onboarding of all types of loT devices. 


Evaluate how location-based services and 
network analytics can deliver business 
benefits to your organization. 
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Explore how any specialized wireless 


Section summary 


(continued) 


technologies required for unique or 
demanding use cases (such as Bluetooth, 
Zigbee, and Thread) can be managed 
through a common management layer. 


C= Top predictions 


“By 2025, wireless federations such as 
OpenRoaming will be pervasive, allowing IT 
organizations and service providers to use 
zero-trust access systems, safely share 
identity credentials, and enable end users to 
seamlessly and securely roam on any wireless 
access network—both private and public. The 
user experience will be frictionless and policy- 
enforced, offering the best experience for 
users anywhere they connect.” 


— Matt MacPherson, CTO for wireless 
technologies, Cisco 


“Through 2025, Wi-Fi 6 networks based on 
the IEEE 802.11ax standard, together with 
planned Wi-Fi 6 extensions, will become the 
predominant form of Wi-Fi everywhere. Only 
in about 2024 will the next generation of Wi- 
Fi based on the developing IEEE 802.11be 
standard (probably to be marketed as Wi-Fi 7) 
start appearing on the market.” 


— Andrew Myles, director and former 
chairman, Wi-Fi Alliance, and technical 
lead, Cisco 
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Network access and wireless 


Globally, business IP traffic will reach 63.3 
exabytes per month by 2022, a threefold increase 
from 2017.3 Wired access, born from the relatively 
humble beginnings of shared wired local area 
networks like Ethernet (10 Mbps), token ring (16 
Mbps), and FDDI (100 Mbps), has benefitted 

from ongoing innovations in silicon and optics to 
become the switched 400 Gbps Ethernet core 
network for LAN and metropolitan area network 
environments that customers can deploy today. 


Ongoing innovations promise Terabit Ethernet and 
new advanced capabilities like Time-Sensitive 
Networking (TSN) for deterministic loT applications 
in the not-too-distant future. However, in today’s 
mobile-first world, wireless access is where a 

lot of the attention is focused. Wireless network 
access over either wireless LAN (Wi-Fi) or public 
mobile networks continues to change our lives in 
ways few could have imagined. 


“We find that digital business 
innovation requires and drives 
advances in wireless innovation, 
while at the same time 
advances in wireless innovation 
themselves are opening up 
possibilities for new business 
innovations. It’s the virtuous 
cycle.” 


— Guillermo Diaz, SVP of customer 
transformation, Cisco 
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and ubiquitous—as well as a satisfying one that 
provides uninterrupted access to jitter-free 4K 


“Today ‘experience’ is the | : l 
f video, super-fast browsing, and crystal-clear 
currency of business, P 
and advances in wireless 
connectivity will be the Ga 
support new business innovations. As businesses 
enabler of many next- increasingly adopt immersive media applications 
generation experiences. By such as high-definition video, AR, and VR, 
combining the best of Wi-Fi leaders want to know that the network has the 
6 and 5G network teams performance, Capacity, coverage, and security to 
have the potential to make 
these experiences a reality.” 


Just as importantly, wireless networks need to 


support new digital initiatives so they can move 


quickly when opportunities arise. 


— Matt MacPherson, CTO for 
wireless technologies, Cisco 


Globally, wireless devices will account for 

43% of all networked devices by 2022, with 
smartphones accounting for 24% (6.7 billion) 

of all networked devices. At the same time, the 
number of lol M2M devices will increase to 14.6 
billion and account for 51% of all networked 
devices by 2022, with the vast majority being 
wirelessly connected. '? 


Delivering a delightful mobile 


user experience “Imagine if a shopper can receive a personalized 


. ie 
People around the world have become and relevant experience powered by locatio 


ee services and AR,” explains Matt MacPherson, 
accustomed to mobile applications such as 


Uber, Waze, and Webex® that make a significant COE S C TO Tar WINGlESs wecniQlodies: Er g 


difference in their work and private lives. warehouse can be outfitted with millions of 


sensors to allow autonomous electric robots and 
They want their mobile experience to be an 


. , : j 1 hi r i 
immediate one—always available, untethered, vencia W UN andere and pip product 
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New Wi-Fi 6 and public mobile 5G networks 
both promise dramatically better performance 

to support such requirements. Wi-Fi 6 brings 
higher data rates, lower latency, increased 
device density, and much better overall 
performance. Likewise, by 2022, public mobile 
5G networks, slated for commercial rollout in the 
2020 timeframe in a select set of countries, will 
offer speeds over four times faster than those 
experienced on 4G.1? 


Wi-Fi is widely used 
as a mobile offload 
mechanism and will be 
even more necessary 
in the 5G era. It’s been 
forecasted that 5G 

will offload over 70% 
of its traffic, up from 
the 59% that 4G 
networks offload.” 


70% 


Mobile users also want a transparent experience 
when accessing enterprise, cloud, and public 
Internet applications. That includes onboarding 
and roaming across networks. 


By complementing 5G with Wi-Fi 6, users will 
get a transparent and always-on experience 
in private and public areas, both indoors and 
outdoors. This includes support for new data- 
hungry apps that could easily stretch the limits 
of many users’ mobile data plans. 


To help bring that vision to life, OQpenRoaming 
builds on the Wi-Fi Alliance’s Passpoint 
technology.?° While still in an early stage, the 
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OpenRoaming Foundation, a consortium of 
Cisco and several wireless leaders, is making 
the ambitious goal of seamless, secure roaming 
across private and public wireless networks a 
real possibility. 


It allows users easy and secure global roaming 
between different Wi-Fi 6 networks and public 
5G networks via a cloud-based federation 

of access networks and identity providers— 
including mobile carriers. OpenRoaming was 
demonstrated successfully at a recent Mobile 
World Congress. ?® 


Using dual-mode devices such as smartphones 
and tablets, users will be able to switch 
seamlessly between private home or business 
Wi 

public 5G network. 


-Fi networks, public Wi-Fi hotspots, and the 


“With OpenRoaming, mobile users 
will never have to guess which 
Wi-Fi network to use, suffer 
through a pop-up captive portal, 
or use an insecure username 
and password again. They will 
be connected wherever they go 
and can download, stream, video 
chat, game, and even work to 
their heart’s desire.” 


— Matt MacPherson, 
CTO for wireless technologies, Cisco 


ajaj 
cisco 


Preparing IT for wireless success 


Network operations will need to get ahead 
of these emerging business requirements to 
deliver the desired mobile user experiences, 
as traditional approaches for deploying and 
maintaining wireless networks will not be 
sustainable. 


In particular, troubleshooting wireless networks 
has traditionally been a reactive, complex, and 
resource-intensive activity for most networking 
teams. Not surprisingly, troubleshooting 
networking issues is recognized by network 
leaders as the most time-consuming activity for 
network operations today." 


Further complicating things is the fact that, in 


addition to emerging Wi-Fi 6 and 5G networks, 
loT devices can communicate over multiple niche 


wireless protocols, including BLE, Zigbee, and 


Thread. The IT challenge will be to ensure that 


network management efforts are not split across 
these different networks. 
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Many loT use cases will converge onto the 
mainstream Wi-Fi 6 and 5G networks, but IT 
teams should consider how they can manage 
more specialized wireless technologies required 


£ 


or unique or demanding use cases through a 
common management layer. 


To get ahead, NetOps teams need a more 
proactive approach to wireless planning, 
monitoring, troubleshooting, and remediation. 
This requires much better visibility into wireless 
performance and health using analytics and Al- 
enabled monitoring. 


Current and future state of 
network access readiness 


IT cannot rely on traditional manual-access 
network operations to Support mobile users. 
Instead, organizations need a software -driven 
approach that spans all network domains. 


The network management system needs to 

be able to manage, administer, and propagate 
consistent access policy automatically across 
different access networks, even as users and 


workloads continue to move. It needs to unlock 


data and insights that will enable IT to support 
the business in real time and to employ Al to 
better predict problems and automate routine 
tasks. And in light of the growing prevalence 


of loT applications, the network needs to 


automatically recognize and classify loT devices 
and apply relevant policies. 


Together, these capabilities will allow employees, 
customers, and business leaders to take full 
advantage of what Wi-Fi 6 and 5G offer. At the 
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same time, they will allow IT to not only survive of respondents plan to deploy Al-enabled or 
the wireless deluge, but also ensure security and intent-based access within two years, up from 
the best user experience in a mobile world. just 18% who do so today. Doing so will allow 


them to dynamically create and change policies 


ODE 20 he NOE NER Enos OU), and eventually consistently align access policies 


we asked network strategists where they are in to business intent end to end, between users and 


heir ion of r rchi r ; 
their adoption of a secure access architecture services, wherever they roam or are located.'4 


related to the five-stage readiness model. 72% 


Figure 21 Secure access readiness 
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Al-driven access policy 
to business intent 
between all users, 
devices, applications, 
and services for 
maximum security 
consistently across 
multiple private and 
public network domains 


Provides dynamic access 
and usage policy creation 
based on business 
needs, enabled through 
machine learning and 
software-defined 
automation 


Authenticated users 
and devices access 
device access to 
applications; integrated 
macro- and 
microsegmentation 
across the campus and 
branch for greatly 
reduced exposure 


Provides authenticated 


Unchecked wired or f : 
| users and devices with 


wireless access B . 
unified wired and 


wireless access to 
authorized data and 
applications 


Provides users with 
unchecked wired or 
wireless access to 
campus and branch 
networks 


Where organizations are now 
| 


Where they plan to be in two years 


GED D 


Question: Which statement best describes your organization’s current approach to network security? 
Source: 2019 Global Networking Trends Survey; n = 1556 network strategists 
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Considerations for enabling 
access and wireless for the 
digital era 


@ Wireless assurance tools will be a necessity: 


In most industries, access connectivity Is 
becoming predominantly wireless for both 
clients and things. Network strategists need to 
have advanced wireless assurance systems and 
tools in place to be able to deliver consistent 
wireless experiences across all IT and loT 


access networks. 


Policy-based wired and wireless 
segmentation will save a lot of headaches: 
Policy-based automation across the access, 
core, and branch networks allows segments and 
microsegments to be dynamically created and 
managed based on user and application groups 
so that networks form a dynamic zero-trust 


barrier to attacks and threats. 


Use Al-driven device classification before 
deploying loT too broadly: It doesn’t make 
economic sense to protect inexpensive loT 
sensors, monitors, and other devices with costly 
security solutions. However, using automated 
device classification and policy-based 
automation, lol segments and microsegments 


can be dynamically created and managed based 


on loT device and application groups. 
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O Prepare for Wi-Fi 6, 5G, and OpenRoaming: 


Network leaders should make sure their wireless 
roadmap takes into account how Wi-Fi 6 and 
5G will complement each other and work with 
devices, Wi-Fi operators, and service providers 


to deliver OpenRoaming capabilities. 


Consider location-based services: Many 
business executives in retail, healthcare, and 
education are already taking advantage of the 
benefits of indoor location-based services for 
improved customer experience. According to 
our survey, 51% of respondents are already 
using location-aware wireless to enable a more 
personalized customer experience through 
mobile applications. Another 40% are evaluating 


the opportunity. 14 


Prepare for microservices running on edge 
network devices: With Kubernetes and other 
management and orchestration capabilities 
for container-based workloads, it is becoming 
increasingly attractive for application teams 

to start hosting network or application service 
components on workload-capable network 
devices at the edge. Consider how this will 
impact the network policy, performance, 
security, and segmentation requirements 


of your network. 
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Changing role of network security 


Section summary 


ave Key takeaways 


As applications, data, and identities move 
to the cloud and network edge, perimeter- 
based security alone cannot effectively 
protect against today’s threats. 


The mix of many different types of devices 
and mobile users connecting from anywhere 
to networked applications everywhere results 
in new challenges, such as loss of visibility 
and control. 


Integrating security with intent-based 
networking capabilities results in a powerful 
combination that streamlines effective policy 
enforcement, protection, and remediation 
across the network. 


alll Key findings 


Network strategists identified security as 
a top investment area, second only to Al. 


43% of network teams identified improved 
embedded network security capabilities 
as a priority. 


In 2019, 48% of ClSOs identified “time to 
remediation” as a main key performance 
indicator (KPI), up from 30% in 2018. 


Almost 75% of network leaders were 
confident they will have Al-enabled 
adaptive or automated policy definition and 
enforcement in two years. 


Essential guidance 


Develop network security capabilities in five 
key areas: visibility and threat detection, 
zero-trust access, continuous protection, 
trustworthy network infrastructure, and 
integrated SecOps and NetOps workflows. 


Make sure a zero-trust security strategy 

is included with any network automation 
and assurance plans to effectively manage 
security threats regardless of where they 
exist across the distributed network. 


When upgrading infrastructure and processes, 
networking teams should take into account 
trustworthy requirements to help ensure that 
the network itself is tamper resistant. 


SecOps and NetOps teams need to consider 
how to share data, and should integrate tools 
to streamline threat prevention, detection, 
and response workflows. 
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Section summary 
(continued) 


C= Top predictions 


“By 2025, some leading-edge IT organizations 
will have deployed a limited set of fully automated 
network-enabled security workflows that will help 
accelerate remediation and reduce the workload 
on the SecOps team. The increased maturity of 
IBN platforms, Al/ML technologies, and integration 
between security and network tools will enable 
automation of some well-defined use cases that 
don’t carry risk to the organization’s security 
posture or network.” 


— Wendy Nather, head of the Advisory CISO 
team, Cisco 


“In 2025, quantum computing will still be in its 
infancy. However, there will already be efforts 
to address the new danger of quantum 
computing being used to overcome current 
encryption methods.” 


— David McGrew, Cisco fellow, Cisco 


Changing role of 
network security 


The adoption of mobile, multicloud, and 

loT models is creating new challenges and 
opportunities in network security. The traditional 
enterprise network perimeter is now just one 
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element of a more distributed model where the 
identity of all users, things, and applications must 
be questioned, regardless of whether they are in 
the campus or branch, on a VPN, on the public 
network, or in the cloud. 


IT teams need to leverage the combined powers 
of the network and security to be effective at 
tackling cybersecurity challenges. Network 
strategists readily recognize the importance of 
investing in network security. When asked how 
network teams can better meet business needs, 
respondents in our 2019 Global Networking 
Trends Survey identified security as the 

number two area to invest in after Al, with 43% 
identifying improved embedded network security 
Capabilities as a priority.'4 


The convergence of security with an intent- 
based networking model enables organizations 
to apply and enforce business role policies and 
respond faster to threats across all network 
services. 


In this new reality, NetOps teams and the 
networks they control have a vital security role to 
play in five key areas: 


Visibility: CISOs are concerned about 
maintaining visibility in this new distributed 
application and data model. 


Zero-trust access: [he network is 

an integral element for implementing a 
consistent trust model where all users, 
devices, and applications are equally suspect, 
regardless of where they access the network. 
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According to Forrester Research, a zero- 


trust network model must do three things:?° 


] 


Segment networks 


in order to apply 
granular controls 
as well as prevent 
lateral movement. 


Z 


Provide granular 


network analysis 
and visibility for 

threat detection 

and response. 


Continuous protection: The network 
needs to act as both a distributed detection 
agency and an enforcement agency that 
can automatically and quickly take action to 
contain infected devices. 


Trustworthy network infrastructure: With 
the growing threat of malicious actors looking 
for privileged information or trying to disrupt 
network operations, organizations must 
secure the network system and the individual 
network devices against attack. 


In 2019, 48% of 
ClSOs identified “time 
to remediation” as 

a key performance 
indicator, up from 30% 
mOl 
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Offer consolidated 


network security 
manageability and 
lay the foundation 
for automation. 
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Seamless 
SecOps 

and NetOps 
workflows: 
CISOs see their 
SecOps and 
NetOps teams as 
working together, 
with 95% saying 
they are either 
very or extremely 
collaborative.°° 


However, both 

teams still tend 
to use separate data, workflows, and tools 
to collect and analyze data. SecOps and 
NetOps teams need to rethink how they 
can streamline workflows, share data, and 
integrate tools to achieve a common goal 
of automated threat prevention, detection, 
and response. 


According to Gartner 
Research, “for SecOps, 
access to network traffic 
Supports retrospective 
analysis of traffic flows, 
identification of exfiltration 
attempts, network forensics, 
and microsegmentation 
workflows.”?! 
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Challenges with network security 
Increased scale and complexity 


T must protect the organization and its data 
in the face of larger, more complex, and 
rapidly changing mobile-first and cloud-first 
environments and security threats that are 


£ 


increasingly difficult to defend against. 


Workloads: As applications, data, and 
identities move to the cloud or Internet, the IT 
model continues to extend past the traditional 
hybrid 
and multicloud computing and microservices 


organizational perimeter. This rise in 


hosted at the edge requires a shift in how we 
secure workloads. Perimeter-based security 
alone cannot effectively protect against 
today’s threats. 


Clients: Additionally, the mix of many 
different types of devices (user devices 
and interconnected loT devices) as well 
as different types of users (employees, 
contractors, third parties) connecting 
from anywhere to networked applications 
everywhere introduces even more 


complexity.°° 
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Infrastructure: Finally, as the sophistication 
of threats evolves, attackers increasingly 
seek to subvert the underlying switching and 


routing infrastructure in order to eavesdrop, 


steal, or manipulate data and launch attacks 
against other parts of the network.°? 


“Like any other large 
organization, we need to deal 
with complexity at scale. We 
inspect 47 TB of Internet 
traffic, analyze 28 billion flows, 
and log 1.2 trilllon security 
events daily.” 


— Marisa Chancellor, director of 
infrastructure security, Cisco 


The threat landscape: Continuous 
attacker innovation 


As the potential payoff for cybersecurity attacks 
continues to become more attractive, the 

nature of attacks continues to become more 
sophisticated. Some of the more worrying threat 
trends include: 


Self-propagating, network-based ransomware 


Encrypted malware attacks, hidden within 
encrypted traffic, which made up an incredible 
70% of all malicious attacks in 20174 


loT botnets deployed on unpatched and 
unmonitored loT devices 
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Figure 22 Today’s cybersecurity threats 
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Malware 


Malicious spam 


Phishing 


Spyware 


Data breach 


Ransomware 


Mobile malware 


Improper file sharing 


Stolen credentials 


Fileless malware 


Question: Which security incidents/attack types have you encountered in the past year? 


Source: 2019 Cisco Cybersecurity Report 


For the latest information on the evolving threat 
landscape, see the current Cisco Cybersecurity 
Series Threat Report.°? 


Compliance 


Security teams are also faced with adhering 
to new and emerging regulations. This means 
ensuring and demonstrating that effective 
security policies are in place. 


The European Union’s General Data Protection 
Regulation (GDPR) went into effect in 2018, 
requiring a proactive approach to data privacy. 
Also, healthcare, financial services, retail, federal 
government, and other sectors are requiring 
additional compliance standards, with the risk of 
heavy fines for noncompliance. 
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loT device proliferation: Increasing the 
attack surface 

Connected loT devices continue to proliferate 
without adequate security, largely because they 
are often unknown or undetected by IT. Every 
connected device expands the attack surface for 
an organization. For loT devices, network-level 
attacks may include distributed denial-of-service 
(DDoS) attacks, radio frequency identification 
(RFID) spoofing, and password-targeted and 
malicious software threats. 


Gaps in visibility 

The proliferation of new cloud apps and 
microservices can introduce gaps in IT visibility 
and control over their attack surface. Users 
can now install and self-enable applications 
that may be insecure or demand excessive 
access permissions. 


AD A) 
(e) 


“Many lol devices have 
little intrinsic security, rarely 
use digital certificates 
or credentials, and can 
be easily compromised. 
So automation of device 
recognition, classification, 
and network access 
policy activation become 
paramount in preventing 
or containing security 
breaches.” 


— Tim Szigeti, principal engineer, Cisco loT 


The number and range of mobile devices 
(corporate and personally owned) will continue 
to grow, and the bring-your-own-device trend 
means more personally owned smartphones, 
laptops, tablets, and so on are accessing critical 
applications—resulting in further lack of visibility 
and control. 


Tackling security challenges with 
an intelligent network 


A NetOps team empowered with an intelligent 
network provides a powerful ally to SecOps in 
the ongoing fight to keep the organization and 
its data safe. By embracing an intent-based 
networking model where security capabilities 
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are foundational, IT can enlist the network to 
automatically and effectively determine what 
is new, what is important, and what is unusual, 
regardless of where it exists across the 
distributed network. 


Ultimately the combination of intent-based 
networking and security provides continuous 
visibility and control into who and what is on the 
network. It also contributes to a complete zero- 
trust access model and builds threat prevention, 
detection, and rapid response into, not onto, 
the network for constant protection everywhere. 
(See Figure 23 below.) 


Network visibility and threat detection 


It has never been truer that you can’t protect 
what you can’t see. Visibility is fundamental for IT 
teams to protect network assets and information. 
This includes visibility into users, devices, apps, 
and things, wherever they are, in order to 
monitor anomalous activity and set policy. 


“We're dealing with large-scale 
movement to SaaS and are 
losing the traditional visibility 
and control that we’ve had in 
the past.” 


— Marisa Chancellor, 
director of infrastructure security, Cisco 
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Figure 23 Integrated network security model 
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A full view across access, WAN, data center, 
multicloud, and loT networks allows the mapping 
of every flow that traverses the network so 

that teams can determine a dynamic baseline 

of normal network behavior. With an intelligent 
network that provides full visibility, the network 
team has an invaluable resource to help the 
security team detect and remediate threats faster 
and more accurately—even in encrypted traffic. 


Zero-trust access 


Building on an advanced visibility foundation, 

a holistic zero-trust security model enables 
NetOps teams to manage access regardless 

of the type and location of the devices and 
workloads in question. Applied suitably, it can 
protect workloads and data within the private or 
public cloud and the workforce, even when users 
are off network. The key capabilities of a zero- 
trust model include: 
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Apps and workloads 


@ e 


Data center SaaS Public cloud 


End-to-end network segmentation 


[j 
I 
' 
Protection of users/devices ' Protection of ingress/egress 
1 


Protection against malware 


62 


Securing network access: |n a zero-trust 
access model, IT applies precise controls 
over who, what, when, where, and how user 
and loT endpoints are allowed on the wired 
and wireless network. They can also apply a 
zero-trust approach by using group-based 
policy controls and end-to-end, client- 
to-application segmentation to restrict the 
access to resources on your network. 


Proactively containing application 
breaches: |T staff can mitigate unauthorized 
lateral movement between workloads within 
or beyond the data center, which can help 
reduce the attack surface in the event that an 
attacker is already inside. 


Mitigating the risk of unauthorized 
application access: When any type of user 
(employee, contractor, third party, etc.) logs 
into any on- or off-premises application, 
they need to verify their identity with two- 
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factor authentication (2FA) and verify the 
security of their device, mitigating the risk of 
unauthorized access to applications and data 


due to stolen or weak passwords. 


Constant anywhere protection 


To provide protection to all enterprise users 
and systems, the network needs to move 

with the times by extending protection 

beyond its traditional perimeters. Intent-based 
architectures like SD-WAN provide a centrally 
controlled platform for deploying and managing 
a full edge security stack that extends protection 
to every network ingress or egress. For full 
protection, this stack should include network 
segmentation, firewall, secure web gateway, 
malware protection, and DNS-layer security. 


For any malicious files that manage to get 
through, malware detection can rapidly instruct 
the network to automatically move infected 
devices into a restricted or quarantined network 
segment. And by continuously updating 

threat intelligence to block malicious files and 
extending that intelligence to the endpoints 

and up to the cloud, the system can block such 
threats if they occur again. 
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Building a trustworthy network 
infrastructure 

As organizations digitize and threats escalate, 
there is an increased need to verify the security 
and integrity of the network infrastructure and 
the individual network devices. 


Building a “trustworthy” network infrastructure 
requires that security be implemented holistically 
across the entire product lifecycle. This helps 
protect against tampering and manipulation 
during manufacture, distribution, deployment, 
and continuous operation, which is especially 
important because third-party resellers, system 
integrators, or managed service providers are 
often involved in these processes. 


When upgrading equipment, networking 

teams should look for a number of important 
capabilities, such as hardware-anchored secure 
boot, secure unique device identifiers, and the 
ability to destroy keys and activate factory reset. 


In summary, networks are becoming increasingly 
adept at addressing current and future threats. 
lts up to NetOps and SecOps to take steps to 
build these advanced security capabilities into 
their network designs and operations so they 
can work together toward achieving continuous 
visibility, protection, and trust. 
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Current and future state of network security 


So where do organizations stand today in building out their overall network security model to achieve 
continuous protection? 


In our 2019 Global Networking Trends Survey, we asked network leaders how they would assess their 
current approach to network security vis-a-vis our five-stage readiness model. While organizations 
currently are distributed fairly evenly across all stages, almost three-quarters were confident they'd have 
some form of Al-enabled automated security policy definition and enforcement within that period.'4 


Figure 24 Intent-based network security readiness 
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Where organizations are now 


Where they plan to be in two years 


CD D 


Question: Which statement best describes your organization’s current approach to network security? 


Source: 2019 Global Networking Trends Survey; n = 1556 network strategists 
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Transitioning from reactive 


to business optimized 


Section summary 


ave Key takeaways alll Key findings 
Traditional network operations models are - 73% of teams spend more than half their 
not sustainable to support the required time just maintaining the status quo of the 
business services in the face of ever- network. 


Ile kee Te) ele aa IT leaders would prioritize their network 


IT teams are modernizing IT operations and teams’ resources to focus on multicloud; 
adopting DevOps approaches to leverage accelerate application deployments; and 
controller-based systems and Al-enabled better protect the network, applications, and 
tools that automate or eliminate many data if they could free up resources from 
traditionally repetitive network tasks. daily maintenance tasks that “keep the lights 
New advanced open-network platforms an 

enable better integration into other IT and - More than a third of IT leaders prioritized 
security systems and operational processes the importance of achieving better network 
and provide new opportunities for business coordination and integration with other IT 
application developers. teams and lines of business. 


In this next era of network operations, 
leaders and teams will be better positioned 
to move away from reactive operational 
models and continuously deliver the precise 
services that the business needs. 
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Section summary 
(continued) = 


Essential guidance C= Top predictions 


When adopting controller-based automation 
and assurance models, networking teams 
should focus their efforts on three critical 
process areas: lifecycle management, policy 
management, and assurance management. 


To improve service quality, cost, agility, and 
security, network administrators should move 
away from managing individual devices and 
focus their attention on the network controller 
and managing the end-to-end network 
system via the controller. 


Networking teams should embrace an open- 
platform, DevOps-led approach to integrate 
the network into IT processes and streamline 
end-to-end workflows so they can gain 
efficiencies and be more responsive to 
business needs. 


Network operations teams should 
equip themselves with emerging AlOps 
capabilities to deliver better network 
and business outcomes. 


Bridging business and IT: “Teams will 
rebalance time spent maintaining networks 
toward an outward focus on how the 
network can better meet organizational 
needs and support business innovation. 
New operations roles will be chartered with 
translating business intent and application 
requirements into network policies.” 


NetOps extending monitoring to the 
cloud: “As multicloud business services 
become the norm, NetOps teams will 
extend visibility and predictive monitoring 
across WAN, public networks, and to the 
cloud point of presence. For even greater 
insights, enterprise intent-based networking 
systems will start integrating data from 
service provider and cloud provider systems 
to ensure continuous quality of experience 
for cloud services.” 


— Rich Plane, CTO of Customer 
Experience, Cisco 


Transitioning from reactive to 
business optimized 


According to Cisco research, IT leadership teams are spearheading the 
digital transformation for their organizations. To accomplish this, they are 
driving a separate but equally important transformation—that of modernizing 
IT infrastructure and operations to meet emerging digital demands.*4 


For the first time, networking teams—by virtue of embracing an open-platform, DevOps-led approach— 
have the tools and technologies to integrate the network into IT processes and streamline end-to-end 
workflows so they can gain efficiencies and be more responsive to business needs. 


This approach also provides an opportunity to build operational bridges between network domains as 
well as integrate directly with applications to better support the changing needs of the lines of business. 


By adopting new ways of thinking about network operations and new ways of working, IT leaders and 
teams will be better positioned to deliver the exact services 

that lines of business need, whether better 
existing services or new business- 
enabling services. 


6 3 To 


According to our 2019 Global Networking 
Trends Survey, 63% of IT leaders plan to 
put in place advanced networks that can 
dynamically meet business needs within 


three years. "4 
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Current and future state 
of network operations 


Operational readiness to support digital 
transformation 

In our 2019 Global Networking Trends Survey, 
we asked IT leaders and network strategists 
how they would classify their current network 
operational readiness with regard to assurance 
management across five stages of maturity 
ranging from reactive to business optimized. 


While only 23% currently consider themselves to 
be predictive or business optimized, 71% plan to 
be there in two years, underscoring the urgency 
that organizations feel in preparing for increasing 
demands on the enterprise network. '¢ 


How network advances 
are changing network 
operations 


The recent surge of advanced network 
technologies will change virtually every aspect of 
network operations, and major changes can be 
expected in the following areas. 


Network operations integration 
into the IT process 


The old days of networks being operated in 
technology silos by engineers with expertise 
primarily in one area are fading fast. In our 
research, almost one-third of IT leaders 
emphasized the importance of achieving better 
network coordination and integration with other 
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Figure 25 Network operations readiness: Assurance management 
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Where organizations are now 


Where they plan to be in two years 


Question: Which statement best describes your organization’s current approach to network operational readiness? 
Source: 2019 Global Networking Trends Survey; n = 1556 network strategists 


IT teams, while 26% revealed the importance 

of improving their ability to engage with lines of 
business.'4 An additional 27% identified that a siloed 
design and operational approach across separate 
network domains was holding them back.‘ 


Thanks to the open interfaces that intent-based 
networking controllers provide, NetOps teams will 
relinquish their isolated operational silo to become 
a fully integrated part of IT workflows. 34% of IT 
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leaders identified this change as the one that 
would most help the network team better meet 
the needs of the organization. 


However, in order to achieve the desired levels of 
IT agility and continuous intent alignment, NetOps 
teams will be charged with improving integration 
across network domains (access, WAN, data 
center, cloud, etc.) as well as with other IT 
domains, such as IT service management (ITSM) 
and SecOps systems. 


This figure illustrates how NetOps will be able 
to use an open-platform and network DevOps 
approach to integrate network technologies 
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Full alignment with IT and 
business intent 


In essence, the network exists to provide 

the services needed to support employees, 
customers, and partners—or in other words, to 
run the business. But the reality is that traditional 
manual-operations approaches often fall short of 
meeting dynamic business needs. That’s about 
to change. 


With intent-based networks, network operations 
will be much more automated and dynamic 

and will be directly informed by business and 

IT intent. Such intent would include application 


and processes with other internal and even performance needs, security policy and 


external systems. compliance, and IT processes. 


Figure 26 Integration opportunities with open-platform network DevOps approach 
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Over time, translation of business and IT intent 
into network policy will become an integral part 
of the network operations role. 


Automation to reduce network 
operations complexity 


There’s no question that automation of 
operations tasks is changing the face of network 
operations. One-quarter of IT leaders and 
network strategists identified automation as the 
technology that would make the biggest impact 
on their network strategy and design over the 
next five years. '4 


However, this will mean leaving behind 
traditional manual approaches to configuring 
and maintaining the network. Some teams 

will find this unsettling, with 20% of IT leaders 
identifying reluctance among NetOps teams to 
adopt automation and Al technologies as a main 
obstacle to modernization. '4 


Preventive versus reactive 
oroblem and incident 
management 


As discussed earlier, many organizations find 
themselves in a reactive stage of operational 
readiness. The challenge here is that 25% of 
respondents indicated that a reactive operational 
mindset was holding them back from achieving 
their networking objectives.°° This, too, is about 
to change. By using Al and integrating with other 
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IT systems, NetOps teams will be able to achieve 
a state of predictive maintenance that fixes 
problems long before they become incidents and 
impact services. 


Human and artificial intelligence 
working in tandem 


Network engineers need all the help they can get 


dealing with network complexity. 


That’s why NetOps teams are arming themselves 
with new Al-driven operations (AlOps) 
capabilities like machine learning and machine 
reasoning that can deliver more accurate 
performance baselining, anomaly detection, 
automated root cause analysis, remediation 
guidance, and predictive insights. 


Instead of sifting through thousands of events, 
NetOps teams will increasingly rely on these 
technologies to accurately present only the 
most important ones, together with the top 
remediation options. The AlOps team may also 
work to fine-tune this output, enrich the content, 
and integrate the knowledge with key business 
and service management systems. 
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The move to AlOps is 
gathering momentum, as 
42% of IT leaders believe 
that Al will have the 
biggest impact on their 
automated operations in 
the future. 


42% 


Bringing operational technology 
connectivity to network operations 


The fact that loT devices are considered business 
assets, and that the operational data they produce 
is vital to business operations, clearly underscores 
the need for new approaches to infrastructure 
management. 


In loT use cases such as real-time monitoring, 
operational problems could have serious, even 
life-threatening consequences. 


With large networks, loT devices could 
number in the millions, so automation is the 
only way to manage them effectively. 


n some cases, there’s no guarantee of a 
constant connection between HQ and remote 


oT devices (which is driving investment in 
edge and fog analytics). 


Introducing a next- 
generation network 
operations framework 


To help prepare for a network operations future 
driven by intent-based networking, Cisco 


A 


Operations 


Customer Experience technology experts have 
created a framework that delivers strategic 
guidance, best practices, validated designs, proven 
processes, and recommended adjustments. 


At the heart of this model are three critica 
process areas: lifecycle management, policy 
management, and assurance management. The 
operational simplification that IBN offers makes 


it possible to plan and build an operationa 


transformation around these core processes. 


A new mind-set: 
Managing the 
network controller 


According to Jake 
Hartinger, solutions architect 

with Cisco Customer Experience, 
one of the most profound changes in 
network operations will be the shift in focus 
from device to controller. Until now, network 
administrators have typically provisioned 
and collected information from the network 
by logging into devices. 


With controller-based automation and 
assurance models, administrators will focus 
on managing the controller, the integrations, 
and the processes in relation to the 
controller. The more an organization is able 
to embrace this one change, the faster they 
will be able to improve service quality, cost, 
agility, and security.38 
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Figure 27 Emerging operations models for the new network 


Controller 


New or changing 
processes 


release 
management 


Lifecycle 


New process pillars 
management 


Traditional processes 
that potentially require 
integration 


Lifecycle management 


The change to controller-led automation and 
provisioning systems requires much stricter 
adherence to hardware, software, and security 
standards. A user making a command line 
interface (CLI) change may find that the 
controller will override the command in future 
updates because it is not defined as policy. 


To avoid this scenario, the organization will need 
to have well-defined lifecycle management 
practices around release management 


ee i Policy Policy Fault 
Provisioning Compliance definition administration resolution Health 
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Assurance 
management 


Policy 
management 


and change management, especially with 


automations that focus on the network or service 
as a system. 


Managing the network controller, in simple terms, 
involves managing new controller hardware, 
software, integration points and APIs, and the 
user-interface configuration that manages policy 
and assurance capabilities. Because controller 
capabilities will be continually changing for the 
foreseeable future, defining a unique lifecycle 
management process for the network controller 
and integrations will be paramount. 
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Figure 28 Network operations readiness: Lifecycle management 


o > 


---------- @ DIGITAL ERA 


® ee PREDICTIVE BUSINESS- OPTIMIZED 


eas gponsve Orchestration and 
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gere of controller and device provisioned with ongoing lifecycle 


automation tools controller and 


infrastructure changes 
based on business intent 


hardware, software, and 
configuration standards 


Responds to predefined 
infrastructure lifecycle 
markers and security 


Well-defined lifecycle 


Well-defined tools and change triggers and 


Manual changes to ' alerts change processes processes 
network devices reactive | ; 
to business alerts and P Meinod release ane 
conditions ' change processes to 
+ maintain compliance 
across infrastructure 
Policy management Because policy changes can have a very broad 


activation footprint, possibly affecting the 


Managing netware policy 19-2180 Cssciule! configurations of thousands of devices, they 


because to be successful and sustainable, ie 2 
need to be prescriptive in nature—so they can 


network controllers will rely on stricter network be tested and verified as valid and approved. 


standards and guidelines for network device Eventually, as model-based policy verification 


hardware, software, configurations, and even models that simulate any changes before they 


integrations. Policy must first be defined and are activated become more widespread, 


then updated. It must also be configured there will be room for more flexibility in 


within network controllers to ensure that configuration options. 
defined standards are continually provisioned. 
Additionally, policy must be verified using 


compliance verification methods. 
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Figure 29 Network operations readiness: Policy management 
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Assurance management facilitate rapid resolution or improved health. And 


with the expectation that the Al-enabled system 


Small networks tend to be easily managed with will continue to improve based on learnings 


naman Manos sma Krans, DUE Tanger netwarks from large numbers of additional deployments, 


become nearly impossible to manage without operations teams will continue to benefit. 


tools, network data, and well-defined processes. 


Today only one in five operations teams have the In larger networks, the result is improved service 
ability to use advanced analytics to potentially quality, rapid issue resolution, and operational 
identify and remedy service-impacting issues efficiency. An AlOps team might focus on 

before they happen." filtering, enrichment, and APIs with business or 


service management systems to fully automate 


With an Al-enabled intent-based networking assürance WORE 


model, assurance management improves and 


integrates these resources with analytics, API In addition to these three core process areas, we 
integrations, correlation capabilities, advanced recommend looking at the possible interactions 
inventory and reporting, and enrichment. In with traditional ITSM processes, IT domains, and 
particular, analytics and enrichment provide systems to identify other potential integration 
additional details about network faults that opportunities. 
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Future of network operations 
predictions 2025 


According to Rich Plane, CTO of Cisco Customer O NetOps extend monitoring to the cloud: As 


Experience, in five years’ time, network 
operations teams are going to be much more 
effective at doing what their organizations need 
them to do. Here are his predictions on how this 
will happen. 


@ End-to-end assurance: Network operations 
teams will be able to do predictive problem 
detection and root cause analysis between 
any client or device and any business service, 
hosted anywhere, and quickly pinpoint if and 
where the network is the cause of any service 


performance degradation. 


multicloud business services become the norm, 
NetOps teams will extend visibility and predictive 
monitoring across WAN and public networks 
and to the cloud point of presence. For even 
greater insights, enterprise IBN systems will start 
integrating data from service provider and cloud 
provider systems to ensure continuous quality of 


experience for cloud services. 


Model-based change management: More 
advanced NetOps processes such as “what-if” 
analyses of any changes being made on the 


network will extend beyond the data center and 


become more widespread. 
2) Bridging business and IT: Network operations 


will be able to rebalance their focus from being © Self-driving, self-healing workflows: Some 
almost exclusively engaged in monitoring and less impactful workflows will be fully automated, 
troubleshooting the network to also having an allowing the network to take remedial or lifecycle 
outward focus toward the business and how management actions without human operator 
the network can best meet business needs. intervention. The result of this data-driven and 
New operational roles will be chartered with intent-validated approach will be much higher 
understanding and translating business intent and levels of continuity of service due to minimized 
application requirements into network policies. error opportunity. 


9 NetOps and SecOps operate from a single 
source of truth: NetOps and SecOps teams will 
develop integrated and streamlined workflows 
enabled by data sharing, automated handoffs, 


and interactions between platforms and tools. 
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New skill sets for the modern network ze 


Section summary 


27% of IT leaders identified the lack of 
necessary Skills as a main obstacle to 


ave Key takeaways 


transitioning to an advanced network. 


New technologies are eliminating many 


z P 
manual tasks in many industries, and IT is no Coa dere pre rer TEk ey 


. investing in training, continuing education, 
exception. g g g 


and certifications. 
The good news for IT and networking is that 


job demand remains strong for those who Network strategists identify Al, IT/OT integration, 


; 3 à automation, and network DevOps as top areas 
acquire new in-demand skill sets such as p p 


a for skills enhancements. 
network programmability. 


As network operations become more 

automated, network administrators will i i 

take on roles that align to new operational Essential guidance 
practices related to management of network 


lifecycle, policy, and assurance. Strategists: Consider acquiring technical, 
Network strategists will take on high- business, and software expertise that allows 
value roles that target improving business you to develop along one or more of the 
alignment, integrating IT processes, following tracks: 


improving security, and making better i ; ee 
The business translator will focus on aligning 
use of data. 
IT performance to dynamic business intent. 


The network guardian will focus on bridging 
network and security architectures. 


alll Key findings - The network data architect will focus on 
leveraging network analytics and Al. 
On average, network maintenance tasks - The network integration architect will 
take up 55% of a network team’s time and focus on integration across network 


resources today. and IT domains. 
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Section summary 
(continued) =æ 


Practitioners: Proactively acquire the right 
mix of technical and software skills that allow 
you to develop in one or more of the following 
emerging areas: 


The network commander will focus on 
network lifecycle management. 


The network orchestrator will focus on 
policy translation and automation. 


The network detective will focus on service 
assurance and network security. 


Leaders: Consider these recommendations to 
build the network team of the future: 
Cultivate a culture of continuous learning. 


Find the balance between reskilling 
and hiring. 


Invest more in training and development. 
Rotate talent to increase business acumen. 


Foster an inclusive work environment. 


C= Top prediction 


“By 2025, 75% of networking teams will spend 
less than a third of their time maintaining the 
network status quo and two-thirds delivering 
innovation and creating value for the business.” 


— Joe Clarke, distinguished engineer, Cisco 
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IT leader 


- Overall IT and network oversight 
- Oversee network strategy 
and budget 


Titles: ClO, VP IT infrastructure, 
director of IT 
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Network 
Strategist 


- Responsible for defining network 
strategy, roadmap, architecture, 
and technology preferences 


Titles: Network strategist, 
IT/network architect, 
network manager 


Talent 


Network 
practitioner 


- Responsible for deploying, 
configuring, maintaining, and 
troubleshooting the network 


Titles: Network engineer, 
network administrator, 
network support engineer 
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Preparing fOr changing surveys, IT leaders and network strategists reveal 
, : the skills gaps they are seeing in the usual and 
networking skill sets not-so-usual places. 


It should come as no Surprise that as the : : : 
. . The biggest information 
enterprise network evolves, so do the skills that 


are needed to build and manage it. In two recent technology Skills gaps 


Data from our IT talent survey reveals that across 
IT in general, advanced technologies such as 
cloud expertise, enterprise architecture, big 

data and analytics, DevOps, and cybersecurity 


top the list of technical skills and expertise in 
need. Incidentally, the need for expertise in 
the first four skills gaps topics—cloud, enterprise 
architecture, data analytics, and DevOps—offers 


strong evidence of IT’s changing roles. 


Figure 30 Top IT skills gaps 


Cloud expertise 
Enterprise architecture 
Big data and analytics 
DevOps 


Cybersecurity 


Internet of Things 


35% — Cloud-native application development 


29% Programming/scripting 


en O Oúģú User interface and experience design 


26% ARR 


9% Artificial intelligence and ML 


Question: What are the most important technology skills or expertise that your IT department needs to support business transformation? 
Source: Next-Generation IT Talent Strategies, Cisco, October 2018; n = 600 IT and business executives 
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The biggest networking skills gaps 


In our 2019 Global Networking Trends Survey, we asked IT leaders and network strategists 
to rate their team’s readiness in building and maintaining a network that meets the future demands 
of their organization. 


Overall, leaders and strategists express a fair level of confidence in their network team’s capabilities. IT 
leaders identified analytics and Al, together with business skills and application development skills, as 
needing the most attention. While network strategists also recognized analytics and Al as a gap, they 
identified IT/OT integration, automation, and network DevOps as the other key areas for improvement. 14 


Figure 31 Confidence in networking team readiness across different skill sets 
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learning expertise 
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Routing and switching technologies 
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Cloud networking expertise 
Internet of Things—IT/OT integration 
Network provider management 
SecOps network security 

Network strategy and architecture 
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Network DevOps 
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Question: Thinking about the current skill sets and capabilities of your networking team, how would you rate the team’s readiness level to 
build and maintain a network that meets the future demands of your organization in each of the following areas? 
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Source: 2019 Global Networking Trends Survey; n = 2061 (505 IT leaders; 1556 network strategists) 
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Increasing need for business and soft skills 


Talent 


Our own IT talent survey reveals that a lack of business acumen is the number-one skills gap in IT 


today.*4 Filling this gap will be critical as organizations transition to intent-based networks. By speaking 


the language of the business, IT can effectively translate business objectives, or intent, into high-level IT 


policies, which in turn can determine infrastructure and device configurations. 


Figure 32 Business acumen identified as a top skills gap 


Business acumen 
Deep knowledge of the 
business or functional areas 


Technical skills 
Design, configure, program, 
deploy, and manage 


Soft skills 
Critical thinking, problem-solving, 
leadership, negotiation 


Technology expertise 
Cloud, security, data 
analytics, loT skills, etc. 


Question: What are the biggest gaps in IT skills and expertise that you need to support business transformation initiatives? 
Source: Next-Generation IT Talent Strategies, Cisco, October 2018; n = 600 IT and business executives 


How Cisco does it: 
Developing business acumen 


At Cisco, we’ve created “Customer Zero,” a 


program that places IT professionals in product 
development, where they can develop business 
acumen and soft skills like critical thinking and 


V 


deep problem-solving. This encourages 
N employees to adapt and transform in ways 
that help us stay competitive. 


N% 


Network administrators, for 
example, who add programming 
or data analytics capabilities to 
their skill set can fill an emerging 
role in a way that effectively 
broadens their contribution and 
increases the value of their work. 


These crossover roles will require 
unique and much-sought-after 
combinations of discrete technical 
areas and language-based skills. 


Crossover roles more 
prominent in the future 


In the near future, some IT roles will evolve into 
crossover positions that soan more than one area. 


For example, practitioners might program the 
network via APIs and programming languages. 
Or NetOps and SecOps teams might 
collaborate to build streamlined operational 
workflows between the two teams. 
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“We need network and 
infrastructure engineers 
who are driven to design, 
build, and operate mission- 
critical infrastructures. We 
need software developers 
who are driven to write 
innovative applications that 
run on infrastructure and 
that automate workflows and 
tasks. The most effective 
organizations will have teams 
of domain experts in both 
software and infrastructure 
who can work together 
effectively.””” 


— Susie Wee, SVP and CTO, Cisco DevNet 


New roles for network 
Strategists 


Undoubtedly, the most pressing job for network 
strategists will be to build an effective, low- 

risk roadmap to a more agile and business- 
aligned network architecture. Strategists will 
also need to optimize IT by creating self-service 
network catalogs, integrating the network into 
IT processes, integrating NetOps and SecOps 
workflows, and converging IT and operational 
technology (OT). Organizations will need help 
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Talent 


with designing network-enabled business 
innovations like location-based personalization, 
workplace utilization optimization, or remote 


expert applications. 


Strategist of the future: Delivering 
value beyond the network 


Cisco distinguished engineer Joe Clarke believes 
that the network strategist role will increasingly 
encompass functions that are currently off 

the radar of most strategists today. Network 
strategists will likely evolve along one or more of 
the following tracks: 


The business translator focused on aligning IT 
performance with business intent: 


The translator will work to better turn the needs 
of the business into service-level requirements 
that can be applied and monitored across the 
network. The translator will also work to better 
use the network and network data for business 
value and innovation. 


Business skills: Ascertain business 
requirements and translate them into 
network requirements. 
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DevOps skills: Understand 
how network platform 

APIs and natural language 
processing (NLP) 
technologies can bridge 
business intent and IT. 


The network integration 
architect focused on integration 
of network and IT domains: 


Integrators will work to integrate 
the network into the IT process 
and with external systems. The 
integrator will also be responsible 
for the integration between 
network domains to ensure that 
intent is delivered across all 
relevant domains. 


IT process reengineering and integration: 
Understand IT processes and workflows to 
change and integrate network operations for 
improved efficiencies. 


ITSM service operations: Understand 
information technology infrastructure library 
(ITIL) processes to effectively link network 
assurance systems to ITSM capabilities. 


DevOps skills: Develop an understanding 
of the APIs offered by an open-network 
platform and how they can enable integrated 
workflows with other IT systems. 


The network guardian focused on bridging 
network and security architectures: 


Guardians will build the distributed intelligence 
of the network into the security architecture 
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How Cisco does it: 
Continuous IT learning pathways 


At Cisco, we have developed several IT learning 
pathways around enterprise, security, data center, 
service provider, collaboration, DevNet, and other 
advanced topics, giving engineers the opportunity 
to develop cutting-edge skills. We also offer 
continuing education for all associate, 
specialist, professional, and expert levels, 
as well as free or discounted training 
and certifications for employees. 


and SecOps processes. The network guardian 
will have a critical role in the convergence of 
networking and security. 


Security skills: Define network security 
architectures, deploy network security 
technologies, and understand the role the 
network has in contributing to overall security. 


DevOps skills: Understand how network 
platform APIs can enable integration with 
SecOps systems. 


The network data architect focused on 
leveraging network analytics and Al: 


The network data architect will work to better 
leverage the vast amounts of data traversing 
the network and emerging Al-enabled tools to 
improve IT services and inform the business. 


Analytics and Al skills: Harvest data to 
make better decisions faster. Understand Al 
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technologies and how they can be applied for 
network assurance and integrated with other 
IT systems for overall service assurance. 


Business insight skills: Understand the 
business and how it can use network- 
accessible data to inform decisions and 
create new opportunities. 


New roles for network 
practitioners 


As digital transformation becomes central to an 
organization’s strategy, network practitioners will 
need to focus less on repetitious management 
tasks and more on value-added services that 
support business goals. This will become 

easier to do as increasing levels of automation 
in advanced networks begin eliminating the IT 


engineers’ more time-consuming tasks. 


Network engineers of the 
future: Delivering value beyond 
connectivity 

As intent-based networks become more 


prevalent, network practitioners’ roles will evolve 
to support one or more network operations 
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“A successful network 
engineer today is one 

who is good at integrating 
new technologies with 
traditional ones, and who 
bridges the gap between 
networking and software 
development. This calls for 
both a DevOps mind-set 
and a better understanding 
of how technology is linked 
to business goals.” 


— Joe Clarke, distinguished engineer, Cisco 


pillars: lifecycle, process, or assurance. In this 
scenario, network practitioners will need to 
develop skills to carry out one or more of these 
potential roles: 


The network commander focused on network 
lifecycle management: 


The commander will take charge of the 
processes and practices that ensure the overall 
health and continuous operation of the network 
controller and underlying network. 


Required skills: Operate, maintain, and 
tune a controller that delivers automation 
and orchestration in intent-based 
networking environments. Ensure the 
sustainability of platform integrations with 
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delivers on the promised business intent. 
Repetitious Detectives will need to integrate with IT service 


management tasks management processes, and they will also work 


o i 
55 I can take up 55% of closely with the Fro team to ensure hat 
os ; network anomalies are flagged and potential 

network practitioners 


time and resources 
today. 14 Required skills: Identify and prioritize 


security holes are closed. 


trends based on Al-driven insights so the 


organization can proactively take action. Tune 

other systems. Understand the lifecycle of 
and provide feedback to the analytics systems 

these controllers and ensure the continuous o 
, , n so that anomaly detection and remediation 

health, security, compliance, and stability of 


, is continuously improving. Integrate network 
the controllers and the underlying network. 


problem detection and resolution processes 
The network orchestrator focused on policy into IT and security processes. 


translation and automation: 


Orchestrators need to understand how business 
needs translate into network policy and then 
manage the automation of those policies. 
Orchestrators will also be responsible for policy 
alignment with other network and IT domains. 


Required skills: Master how to employ 
infrastructure automation tools, automation 
protocols, and data models. Gain 


proficiency with Linux, Python, and network 


programmability developer tools. Understand ai leaders: Taking Action 


common data formats. Become familiar with 


agile software development methodologies to fi Il the networki ng 
and be comfortable using APIs and toolkits to talent ga 0 


interface with network controllers and devices. 
Building technical skills now is critical for 


The network detective focused on network and delivering successful digital transformation in the 


service assurance: future. In our 2079 Global Networking Trends 


Survey, we invited IT leaders to share what 
Detectives will be adept at using and tuning X 


they are currently doing to develop their talent. 
network assurance tools that use advanced y y 9 p 


, Reskilling, expanding, and rebalancing are the 
analytics and Al to ensure that the network ern g g 


top approaches. 
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Figure 33 Preferred approaches to addressing networking skills gaps 


Reskill k 
Increase investing in training, continuing 
education, certifications 


Expand 
Hire to expand internal team talent pool 


Rebalance 


Invest in automating network ops to transition 
resources to more strategic projects P: 


Augment 
Temporarily augment internal team with 
outsourced services 


Outsource 
Replace internal team resources with external 
services for emerging network roles and functions 


Replace 
Hire new talent to replace existing staff 


Culture 
Change team culture to one of continuous learning 


No action 
Already have the talent required 


Question: What is the main approach your organization’s IT leadership should prioritize to address the current 
gaps in the talent needed to plan, deploy, and maintain your future networking needs? 


Source: 2019 Global Networking Trends Survey; n = 505 IT leaders 


While leaders have concerns about reskilling, it continues to be the preferred 
approach for both IT business skills and IT technical skills. 


Figure 34 Biggest concerns with reskilling 


Talent gap 
The new skill sets required may be too big a leap 
for my current team members. 


Retention 
As we invest in reskilling our team, how will we be 
able to retain their new high-in-demand talents? j 


Resistance 
The team members are concerned about what a transition 
to automation will mean for their jobs in the long term. 


nia 


Timing 
We won '’t be able to reskill the current team fast 
enough to keep up with the needs of the business. 


Obsolescence 
With technology changing so fast, how can | be sure 
the reskilling investment in time and cost will pay off? 


Culture 
Many team members are not culturally in tune with 
the need to change. 


Question: As you consider any plans to reskill your organization’s network team to better build and support a 
more advanced network, what concerns you most? 


Source: 2079 Global Networking Trends Survey; n = 505 IT leaders 
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Recommendations for IT leaders: 
How to build the network team of 
the future 


According to Guillermo Diaz, SVP of customer 
transformation at Cisco, these five strategies can 
help leaders build a networking team equipped 
to power a digitally transformed business. 


@ Cultivate a culture of continuous learning: It 
is absolutely essential that IT leaders cultivate a 
culture of continuous learning. Doing so will help 
network practitioners and strategists regularly 


master the skills they need to adapt to new 


technologies and operational processes. This 
can be done through a combination of in-house 
and outside development opportunities that give 
your teams a variety of education, experience, 


and exposure. 


@ Find the balance between reskilling and 
hiring: Our research shows that leaders are 
increasingly relying on reskilling to fill skills gaps. 
When it comes to new technologies, however, 
the opposite seems to be the case. Many 


organizations are looking for new talent to fill 


Talent 


‘Reskilling is less costly 


than turning to the outside 
market to hire a new 
specialist, certainly in terms 
of salary and recruitment 
fee, but also in terms of 
the cost of onboarding, 
transferring organizational 
tacit knowledge, and 
process familiarity. Your 
existing people may lack 
certain new skills and 
Capabilities, but they likely 
have a lot of what you need 
to give you a head start.””* 


— Colin Seward; CIO in Europe, the Middle 


East, Africa, and Russia; Cisco 


emerging tech jobs, especially around Al and ML. 3) Invest more in training and development: In a 


Finding the right balance between development 


and hiring will depend on business and operation 


goals and where you are in your network 


transformation. 
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recent survey of IT leaders, we discovered that 
organizations that are more successful in their 
digital transformation spend almost 10% more 


on training and development for their IT staff.34 


When IT is able to match the pace of technology 
change, it is able to make faster, smarter, and 
better data-driven decisions in support of 


business objectives. 
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Meeting new needs: Cisco’s expanded certification suite 


To help address these new training requirements, network curriculums and 


certifications, such as those delivered by Cisco, are being rapidly refreshed.°’ 


Associate Level 


(a Fas j 
Engineering . (ccna) (5) 
cisco < cisco 
( CERTIFIED CERTIFIED 
DEXWET DEWVNET 
Software \ Associate SPECIALIST 


O Rotate talent to increase business acumen: 


How Cisco does it: Attracting new talent 


Finding good talent doesn’t happen by accident. That’s why we use 
programs like our IT University, Cisco Networking Academy, and the 
Cisco International Internship Program to identify and hire new talent, 


Having IT and business staff exchange 
places through short-term rotations expands 
understanding, develops broader context, and 


enables more productive interactions afterward. 


More specifically, the ability to provide networking, 


application, and business rotations provides 
a blend of technology, programmability, and 


business acumen skills. 


Specialist Level 


Professional Level Expert Level 


(Ecis) ( Cle): 
CCNP ACOIE J 
NAT I EF 


cisco |= $ 
CERTIFIED 


DEWNET 


\ Professional 


CISCO 
CERTIFIED 


DEVNET 


Expert 


5] Foster an inclusive work environment: The 


previous recommendations center on talent. 
Creating a workplace that is highly inclusive 
means making the most of the talent your 
organization has at its disposal. Companies 
that prioritize diversity and inclusion in how 
they recruit, manage, develop, and reward 
employees are shown to outperform rivals that 
do not. It starts with executive leadership and a 


commitment to behavioral standards, programs, 


policies, and training that create the conditions 
for an inclusive organizational 
environment. The next- 
generation IT organization has 
to “walk the talk” of a diverse, 
inclusive culture in how it 


operates every day. 


as well as the Cisco Veterans Program, which helps us train and 


employ veterans interested in technology careers. 
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About this report 


The 2020 Global Networking Trends Report gives IT leaders, strategists, 
and practitioners insights into current and future networking trends across 
the enterprise and offers essential guidance on networking technology, 
operations, and talent. The report is based on original Cisco research 

and includes new data from the 2019 Global Networking Trends Survey 
of 2061 IT leaders and strategists from 13 countries. In addition, Cisco 
leaders, fellows, and distinguished engineers provide expert analysis and 
recommendations for organizations transitioning to advanced networking 


technologies. 


This report is dedicated to Cliff Apsey, 

whose passion for delivering the best digital 
experiences for customers inspired us to make 
this report a better experience for you. We 
appreciate the time we had with Cliff and will 
forever miss him. 
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